Many SMEs try to do things themselves and on the cheap, but when it comes to cloud-based switchboard solutions, doing that can open you up to huge bills, thanks to fraud syndicates. And huge telecoms costs are what few start-ups can ill afford.
Toll fraud targeting telephone systems has been around ever since people started devising ways not to pay for phone calls.
The difference with toll fraud targeting VoIP switchboards that SMEs have most probably installed themselves, is that this type of telephone fraud is not about making a free long distance call to mom and dad.
“Local and international fraudsters cracking an SME’s poorly-installed VoIP switchboard can put a small business out of business in minutes,” says Greg Massel, MD of Switch Telecom.
Massel explains that the toll fraud threat to the liquidity of SMEs, in particular, comes from the fact that fraudsters can ring up tens of thousands of rands in phone bills in minutes. “The business owner would be liable for those charges and most SMEs would find it very hard to recover from a phone bill that is perhaps ten times bigger than usual.”
How does it happen
Voice over Internet Protocol (VoIP) technology uses the Internet to make and receive phone calls, and not infrastructure owned by the traditional telephone networks, so it is significantly cheaper and attracts cost-conscious enterprises such as SMEs.
“Toll fraud problems arise when SMEs use an unqualified person to install their office PBXs. Unfortunately, in the long run, using an internal employee not adequately versed in the installation of VoIP switchboards can be extremely costly for a number of reasons,” explained Massel.
- Proper user names and passwords are seldom maintained
- Security patches are not regularly updated
- What happens when the only person in the business who has any understanding of the VoIP PBX leaves the company.
How the fraud works
The most common type of VoIP toll fraud involves international premium numbers. Premium numbers operate on a revenue-sharing basis, where the telecom’s operator pays a portion of the call revenue to the company that owns the number.
Typically, a VoIP subscriber’s PBX system is hacked and the hacker then uses the system to make multiple calls to a premium number registered by accomplices. The hacker then receives a percentage of that revenue back from the operator and the VoIP business subscriber ultimately foots the bill.
Preventing toll fraud
“The best option is for companies to engage the services of an experienced VoIP provider that can properly set up a fully managed VoIP PBX solution,” he says.
A specialist VoIP provider will:
- Set up credit limits on client accounts
- Properly maintain security patches
- Ensure that any untoward “toll fraud” activity is speedily identified and combatted.