Table of Contents
PBX & VOIP Hacking
PBX & VOIP hacking is responsible for millions of dollars in losses for organisations each year, and it’s having a massive impact on Australian businesses.
Who will protect your business from hackers?
PBX & VOIP hacking can result is a substantial amount of unauthorized call charges on your telecommunications account from people or groups who have infiltrated your system and used it to make long distance and international calls without your knowledge.
It is your responsibility to protect your business from hackers. If you are ever hacked, you’ll have to pay the charges. Ideally, your provider would have briefed you when you purchased your phone system; they should have told you about the risk of hacking and ways that you can avoid it. You should contact them first if you do find your business phone system has been breached.
Infiniti may provide notification if we suspect any possibility of fraud on your account, however, we may not find out until after the event. Maintaining your system security is not our responsibility, nor is any damage caused should your system be compromised. That responsibility to protect your business from hackers falls onto you.
How and why does it happen?
The main point of hacking your phone system or service is so that the hackers can make obscure international phone calls at no cost to themselves at all; any charges are payable by the organisation whose system or service has been hacked. If they do it for long enough undetected, these costs can become quite large.
They exploit any weaknesses in a company’s phone system by deciphering their voicemail pins and or call feature codes. Once they have entered the system they can then reprogram it to make international phone calls.They will then do one of two things; mimic an operator to on-sell calls, or divert the calls to their own plans. This means they don’t have to pay a cent for anything, while the hacked business is left with the bill.
Most often a hacker will attempt to do this after office hours in order to avoid detection. This also means that a lot of damage can be done before anyone in your office notices a problem.
Ways to Protect your Business Hackers
- Don’t use default pins
- Change your pins on a regular basis
- Turn off any abilities from your voicemail ports (such as call forwarding and outbound calls)
- Make sure to get rid of any unused voicemail boxes
- Unless its absolutely necessary disable all international call access
- Keep your phone system administration unit in a secure place
- Make restrictions to all outgoing calls made after office hours
- Unless absolutely necessary, turn off remote access to the systems features
- Check regularly to see if there’s been a high amount of calls being made at night, on weekends or on public holidays
- Disable all administration short codes
- Constantly review all call records for any unusual activities – familiarise yourself with what’s normal, so you’ll be able to immediately identify what’s not
Signs That You Have Been Hacked
Keep your eye out for one or more of these possible warning signs:
- You may receive a phone bill from a provider that you aren’t even associated with
- You get a “busy” error message when trying to receive a voicemail
- High amounts of calls being made on weekends, nights & public holidays
- International calls showing up on your bills that you usually don’t or never call
- Very quick calls in your records (less than 10 seconds)
Consult with your PBX maintainer to find out whether or not your system has been hacked.
To find out how Infiniti can help you prevent or get rid of hackers call us on 1300 889 792