Toll fraud happens when scammers illegally access a company’s phone system to call high-cost, premium-rate numbers. It is a serious issue in telecommunications, costing the industry a staggering $39 billion annually.
In 2021, the average cost per incident was $40,000 for toll fraud involving remote workers. One telecom company in particular even identified and halted the fraudulent calls in under an hour—yet the scammers still accumulated charges of $2,133.58.
Having to pay the fees associated with toll fraud can be devastating to a company, especially for smaller businesses. Thus, taking the time to learn about the measures you can take to prevent it is time well spent.
Modern Toll Fraud Is On Every Channel
Keep in mind that toll fraud is not limited to voice calls, as it extends across various platforms, including VoIP and SMS.
Common Types of Toll Fraud
Each of the many forms of toll fraud comes with unique methods and impacts. The major types of toll fraud you should be aware of to protect your business are as follows:
- Wangiri Fraud: “Wangiri” means “one and cut” in Japanese. In this scam, the fraudster calls and hangs up after one ring, prompting the recipient to call back a costly number they control.
- Modified-Wangiri Attack: This is a twist on Wangiri fraud in which scammers call a company’s system from a high-cost number and request a callback. When the company calls back, it incurs significant charges.
- Interconnect Bypass Fraud: Also known as SIM box fraud, this involves using devices to reroute international calls at lower costs while charging the caller normal rates.
- PBX Hacking: Hackers access a company’s private phone network (PBX) and use it to make calls to premium-rate numbers.
- Account Takeover: If scammers obtain login details for telecom accounts, they can use them to make unauthorized calls or transactions, leading to charges for the account owners.
- International Revenue Share Fraud (IRSF): This is when scammers make fake calls to premium numbers under revenue-sharing agreements, blending them with real calls to avoid detection and causing losses for both telecoms and their customers.
- VoIP Fraud: Some hackers will target VoIP devices with weak security, using them to make expensive international calls and sell access to these routes at lower rates.
- SMS Pumping: This involves sending a large volume of SMS messages to premium-rate numbers (controlled by the same scammers), exploiting mobile network operators to generate illicit revenue.
- Voice Verification Code Spamming: This is when fraudsters use voice verification in 2FA systems, launching scripted attacks to create many calls—often to costly international numbers.
- SMS Verification Code Spamming: Similar to voice spamming, this method uses fake verification texts sent en masse. It targets high-cost SMS destinations to generate revenue.
6 Simple Tactics for Toll Fraud Prevention
Keeping your business safe from toll fraud, especially in VoIP systems, is critically important. Remember these six tips to stay one step ahead:
1. Don’t Leave Ports Open
Open ports are necessary for digital systems to function, especially VoIP. Meanwhile, Session Initiation Protocol (SIP) ports, such as 5060, must be open to enable VoIP communications—and this poses risks.
For example, port scanning, which is when hackers look for open ports to exploit, can lead to quick attacks. Unprotected ports can be hit with spam or more severe attacks like toll fraud or data breaches.
To open ports more securely, remember to employ firewalls and VPNs.
Using multi-factor authentication (MFA) is another good idea to enhance security further, as is running regular audits on your network to identify which ports are open. You can accomplish this by using network tools to detect and close ports that aren’t needed while also ensuring that essential ports for services like email servers remain open and secure.
To determine which ports are open and ensure that only authorized traffic is allowed, follow these steps:
- Conduct a Port Scan: Use network scanning tools to perform a port scan. This will identify all open ports on your network. Tools like Nmap can provide a detailed overview of your network’s open ports.
- Analyze and Review: Analyze the scan results to understand why each port is open. Determine if the open ports are necessary for your operations or if they pose a security risk.
- Implement Access Controls: For necessary open ports, implement strict access controls. This includes configuring firewall rules to allow only trusted IP addresses and setting up VPNs for secure remote access.
- Regular Monitoring: Continuously monitor your network’s traffic to detect any unusual activity. Setting up intrusion detection systems can help identify potential unauthorized access attempts.
2. Regular Monitoring and Patching
Outdated software is responsible for 34% of security breaches, and patch management is essential to address this concern.
Patch management involves continuously monitoring your network for new vulnerabilities and deploying the appropriate updates for them. Checking for new patches automatically is an excellent way to ensure timely updates and reduce the risk of human error.
It’s also important to prioritize vulnerabilities. A scoring system like the Common Vulnerability Scoring System (CVSS) rates the severity of vulnerabilities, which helps you focus your resources on the most critical issues. Taking a risk-based approach (underpinned by regular monitoring) will ensure that any high-risk vulnerabilities are addressed promptly, reducing your company’s risk for exploitation by cyber attackers.
3. Strong Account Security
There are several ways you can enhance your account security to protect against the risk of toll fraud.
- Create Strong Passwords: Password management is crucial. Use unique, complex passwords for each platform and replace default passwords with strong, individual ones. Quickly change your passwords if there’s ever a breach in your service provider’s security, especially if you’ve used the same password elsewhere—which you shouldn’t have done in the first place, ya goof.
- Use Two-Factor Authentication (2FA): This adds an extra layer of security to your accounts by requiring two types of identification, such as a code sent to your phone or a biometric scan, making it harder for unauthorized access even if a password is compromised.
- Maintain communication security: Be cautious with communication and data storage. Avoid sending sensitive information like passwords or SIP account details via unencrypted email. Also, refrain from storing passwords in easily accessible places.
- Use role-based access: Define user permissions and access levels for each team member, ensuring they only have access to software and data needed for their specific roles.
4. Geo Permissions and Rate Limits
Geo permissions control verification traffic to destination countries for SMS and voice channels, reducing the risk of exploitation through SMS pumping and toll fraud. By setting these permissions, you can restrict traffic from countries where your business doesn’t operate, as well as monitor traffic to detect and block fraudulent activities.
Alongside geo permissions, implementing rate limits is crucial. Rate limiting involves controlling the number of calls or messages sent to a particular destination within a given timeframe. This can be particularly effective in mitigating toll fraud risks.
For example, setting limits on the number of calls allowed per minute or per day to high-risk countries can prevent massive financial losses due to toll fraud. By combining geo permissions with strategic rate limits, you can effectively secure your telecommunication traffic against fraudulent activities.
5. Network and PBX Security
Beyond the basic account security measures of using strong passwords and 2FA, additional network and PBX security measures include:
- Configuring PBX Audits: Running PBX audits can help identify and disable unnecessary services or features. This proactive step helps close potential security gaps that could lead to many instances of toll fraud.
- Implementing Network Segmentation: Segment your network to create separate zones for voice and data traffic. This separation enhances security and restricts access to the PBX system in case of a breach, reducing the overall risk of toll fraud.
- Using VoIP-Specific Firewalls: Employ firewalls tailored for VoIP traffic to safeguard SIP protocols. These specialized firewalls offer stronger protection against attacks, mitigating the risk of unauthorized calls that can incur significant costs for your business.
- Installing Session Border Controllers (SBCs): SBCs help prevent unauthorized access to your VoIP network, thus protecting it against toll fraud and the misuse of your VoIP system by external threats.
6. Employee Training and Policies
Effective employee training and policies are vital in preventing toll fraud and ensuring network security. Be sure to have comprehensive training programs that cover the fundamentals of cybersecurity, specific risks related to toll fraud, and the importance of maintaining strong account security.
Regularly scheduled training sessions, including onboarding for new employees and periodic refreshers for existing staff, ensure that everyone is up to date with the latest security practices and protocols. These sessions should include practical scenarios and real-world examples to help employees understand the importance of their individual roles in safeguarding the company’s telecommunications systems.
In addition to providing training, it’s also important to have well-defined policies that outline guidelines for password management, procedures for reporting suspicious activities, and protocols for responding to security breaches. Remember to keep your policies clear, accessible, and consistently enforced.
