In June 2013 the National Fraud Authority (NFA) placed the loss to the UK economy from fraud at £52 billion. Telecommunications fraud made up approximately £953 million of that total. That’s nearly £1 billion every year pocketed by fraudsters in the UK alone.
The NFA rated their estimate confidence as “good” but not “excellent” which suggests that telecommunication fraud could be even more prolific.
In comparison to tax fraud, which makes up £14 billion of the total amount, telecom’s £953 million may seem like a meagre amount however the individual victim’s financial costs, often coupled with immense emotional pressure, is equally as significant.
How does it happen?
Telephony fraud, and specifically Voice-over-IP (VoIP) telephony fraud, is becoming an ever increasing problem in the industry as more businesses make the switch from old-style PBXs to VoIP providing more potential victims for the fraudsters to take advantage from.
This specific type of fraud was much more difficult before VoIP, often requiring considerable investment, expert skills and advanced equipment. Now, with VoIP, the equipment is readily available, low cost and easy to set up and then move when discovered.
Many victims of telephony fraud are small to medium businesses looking to save money by switching to VoIP. Hackers and fraudsters see them as vulnerable targets often without the budget for security that a bigger firm may have.
Having read many reports of businesses in this situation, the story generally reads the same; an unsuspecting business receives their bill as usual come the end of the month, only to be greeted with a bill twice, or even ten times, the size they were expecting. All without the business, or their telecommunications provider, noticing a thing.
Hackers can steal your credentials and use them to place calls to high-cost, premium and often international destinations with expensive connection chargers.
Racking up hundreds of calls in a matter of hours could prove very costly to the legitimate owner of the credentials and very valuable to the hacker.
What can I do?
Packnet Ltd. have multiple layers of fraud prevention systems put in place to help this from happening to our customers but nothing can protect you better than locking down your own network.
VoIP fraud will generally only succeed when the victim has a hole in their security which a hacker can exploit, like a default password set on a device or no password at all. If you are not sure how to set your device’s password, or what is deemed a complex password then contact your supplier, or contact Packnet for guidance.
It’s recommended to apply complex passwords or passphrases to all devices connected to the internet.
Generally a good password is made up of various letters, characters and numbers. Passphrases have been a recent go-to for the tech industry as they are more difficult to crack.
Popular tech comic xkcd published a funny but informative take on it. The point made is it’s easier for computers to guess a randomly generated password such as “DX#i8oP” than a phrase like “ComputersDon’tLikeHeat”. The longer the phrase, the more difficult it is to crack.
Together with securing your devices with passwords you should always check if your router, or any internet device, is accessible via their public IP address and port number. Unless you need your router accessible to the wider internet then you should always turn off this setting. If you are not sure how to do this then contact your router supplier for guidance.
If you have been a victim of telephony fraud then ITSPA and Action Fraud have put together a helpful PDF guide on what you can do to report it.
By reporting you can help authorities correctly judge the amount lost to the UK economy which could lead to more resources being allocated to preventing telephony fraud.
If you would like to contact us and discuss how you can prevent fraud from happening to you, or how our fraud prevention systems could benifit your business then call us on 0161 660 2350 or email us at firstname.lastname@example.org.