MinuteBuyer, a telecoms service provider, has today launched a range of services for the business market aimed at preventing telephone fraud and PBX hacking. These types of attacks, also known as toll fraud, can leave victims with phone bills amounting to thousands of euro.
Traditionally, many organisations aren’t aware of any problem with their phone systems until after the fact – usually when they receive their phone bills. MinuteBuyer hopes to address this with services that can alert customers in real-time in the event of unusual or suspicious activity on their phone systems.
According to MinuteBuyer, there are many different types of telephone abuse ranging from making premium-charge calls to competitions or chat lines; out-of-hours phone use or excessive personal calls of long duration or to long-distance destinations.
Other variations include forwarding office phones to international numbers and then phoning the office phone at off-peak times from another location, in order to make calls abroad. More sophisticated attacks involve operators that sell the access numbers of an office PBX system.
Locally, gardaß have been warning businesses about this problem for some time and representatives of the force’s Bureau of Fraud Investigation have spoken at several conferences here over the past 12 months in a bid to raise awareness of the issue. It is widely believed that many companies still do not report this type of fraud, making the exact scale of the problem hard to quantify. Hayden said one company based in Ireland but with offices around the world had run up bills of close to €100k over a weekend.
Figures from the Forum of International Irregular Network Access put the value of worldwide telecom fraud to businesses at an estimated €60bn per year, growing at a rate of 15pc per annum.
There are three elements in the newly launched fraud service. The first, called Unique Fraud Report, is for existing MinuteBuyer customers, whether SMEs or large corporates. As part of the monthly standard report sent to a customer with details of their telecoms activity during that time, it highlights any spikes in activity such as a higher volume than usual of calls to premium-rate or international numbers.
The second reporting tool, PBX Fraud Alert, is aimed at companies using either the Avaya or Nortel PBX telephone systems. According to MinuteBuyer chief operating officer Shaun Hayden, these systems account for close to 65pc of the Irish market.
This is a managed service offered in conjunction with the Dublin-based Soft-ex, a provider of telecoms management systems. All call statistics generated by a PBX are captured and processed to generate business-critical cost information and reports on all aspects of telecoms activity.
When an unusual change in activity occurs, such as calls costing more than a specified amount, a message is relayed immediately by email and SMS to certain personnel. “The client sets the threshold and an alert is sent to key IT people who have been nominated,” explained Hayden. “If there’s a huge amount of [phone] traffic or something has been done to the system that wasn’t allowed, the IT people will get on site to fix it or can close off the system by dialling in remotely.”
The third service is the PBX Fraud Audit, which is a consultative report that identifies potential vulnerabilities within a company’s phone system, such as easily accessible passwords or call routing. “It covers all aspects of what’s going on [with a PBX]. It will highlight anywhere there’s a weakness,” said Hayden. This service is available to any company using the Avaya or Nortel telecoms systems, not just MinuteBuyer customers.
Hayden said the services allowed business to implement best practice in terms of corporate governance and telecom security. “They can approach the issue proactively and not sit back, waiting for something to happen,” he said.
By Gordon Smith
