Action Fraud is continuing to receive reports of businesses falling victim to “PBX Dial through fraud”. Find out what it is and how to protect against it.
What is PBX Fraud?
Private Branch Exchanges (PBX) are telephone systems used by businesses to communicate both internally and externally. Fraudsters target these systems to make calls to premium rate/international numbers. Victims are liable for the fraudulent transactions, which can cause significant financial harm or even bankruptcy.
Or in technical terms; a PBX is a telephone switching system that connects internal telephones, as well as connecting them to the Public Switched Telephone Network (PSTN), Voice over Internet Protocol (VoIP) providers and Session Initiation Protocol (SIP) Trunks. The PBX will often allow access to voice messaging systems.
How do the fraudsters get access and make money?
Depending on the type of system used there are a number of ways a hacker may gain access.
Incorrectly configured firewalls, poor security settings, lack of maintenance as well as the use of default passwords allow quick and easy access for the hackers.
Once access is gained, the criminals can exploit in-built services such as voicemail, call forwarding and call diversion to direct calls to a number of their choosing. This will often be to premium rate or international numbers.
In this fraud the criminal tends to make their money in two ways:
- Dialling premium rate numbers that are associated with international calling companies.
- Dialling international numbers through the compromised telephone system, most noticeably to Eastern Europe, Cuba and Africa.
In both instances the suspects will either have a share in the revenue generated by the calls or they will be paid for their hacking services in advance.
This type of fraud is most likely to occur when organisations are most vulnerable i.e. during times when businesses are closed but their telephone systems are NOT; for example in the early hours of the morning or over a weekend or public holiday.
The good news is that some simple steps will significantly reduce your risk of becoming a victim:
- If you still have your voicemail on a default PIN/password change it immediately.
- Use strong PIN/passwords for your voicemail system, ensuring they are changed regularly.
- Disable access to your voicemail system from outside lines. This is usually used for remote workers to access. If this is not business critical then disable it or ensure the access is restricted to essential users and they regularly update their PIN/passwords.
- If you do not need to call international numbers/premium rate numbers, ask your telecoms provider to place a restriction on your telephone line.
- Consider asking your network provider to not permit outbound calls at certain times e.g. when your business is closed.
- Ask your telecoms provider to alert you immediately if there is any unusual call activity taking place on your telephone lines.
- Ensure you regularly review available call logging and call reporting options, regularly monitor for increased or suspect call traffic.
- Secure your exchange and communications system, use a strong PBX firewall and if you don’t need the function, close it down.
- If you use a maintenance provider speak to them or ensure that the person responsible for the PBX understands the threats and ask them to correct any identified security defects.
- Consider consulting an IT telecoms professional to ensure your settings for your PBX systems are secure and the settings have been properly set up.
Report fraud and cyber crime to Action Fraud and receive a police crime reference number.