Archive for Tips

PBX Hacking- Potential for a Big Hit to Your Bottom Line

Many businesses are not aware that they are responsible for all calls made from the phone system even if calls are fraudulent. One of our clients was stunned to learn that $4,714.04 worth of phone calls were placed on its equipment to Somalia. Especially, since they never call Somalia. Here’s what happened:

The first call was placed to Somalia at 9:35 PM on 10/30 (Friday) with the last call being placed at 6:47 AM on 10/31 (Saturday). It is significant to note that all 475 calls totaling 4098 minutes were placed to the same telephone number (TN) (252) 216-XXXX.  Since 10/30 was a Friday, it is obvious that all the calls were placed when personnel were not expected to be at work.

The customer was notified by their carrier on Monday 11-2. They immediately called in the PBX vendor who had all of the passwords on voice mail changed to more secure passwords. We recommended restricting long distance from their PBX, enrolling in the carrier’s fraud protection program, and adding calling codes.

While we are aware of the contract language stating that the customer is responsible for fraud, we believe the customer should be relived of the obligation in this case. It would seem that their carrier should have been able to notice hour upon hour of calls to a high fraud country with no prior history of those calls being legitimate for this customer. Particularly, since the same telephone number (TN) was called 475 times.

It is interesting to note that immediately prior to commencement of the Somalia calls seven calls were made to mobile TN’s in Liechtenstein. After the first Somalia call, a call was made to a mobile TN in Zimbabwe.

The customer was very upset, especially since they were new to their carrier and had no issues like this with their previous carrier. We explained to the customer that this could have happened regardless of which service provider they were using. While our agency helped negotiate a settlement in this matter, we decided to warn others so they can take steps to avoid this problem.

We found Frontier Communications has published concise and comprehensive information, followed by instruction on how to deal with this matter:

  • A PBX – private branch exchange – is a telephone system operating within a company and has outside telephone lines. Frontier Communications (NYSE: FTR) is reminding business PBX customers that “private” does not protect them from hackers.
  • “Business customers are responsible for protecting their own PBX equipment from fraudulent use, so some basic blocking and tackling by companies can help prevent hacking of their equipment,” said Jeff Blanton, Manager of Revenue Assurance for Frontier.
  • Voice Mail Fraud is the most prevalent and most significant threat to businesses using a PBX. Hackers gain access to the phone system in order to place long distance calls directly from the business customer’s lines.  Unauthorized access to a system is usually gained through voice mail menus protected with simple passwords (1111, 2222, 1234, etc.) or unchanged factory default passwords. Once in the system, hackers use system commands to gain dial tone and place calls that appear just like any other call originating from the business. Good password management policy and practice is a strong protection step.
  • Default User Passwords and maintenance port passwords can wind up on the PBX system when the installation and configuration isn’t properly done. Many savvy Fraudsters know the default passwords used by switch vendors.  PBX fraud can occur when the PBX vendor or the customer fails to change these default passwords.

Although no system is 100 percent protected, Frontier suggests that business customers do the following to help prevent PBX fraud/hacking:

  • Confirm that no default or unchanged factory passwords exist in the PBX and/or voice mail system.
  • Confirm no unauthorized or additional passwords exist in the system.
  • If the customer does not need international calling, recommend international call blocking in the PBX and at the local switch/long distance switch.
  • Delete/lock all unused mailboxes.
  • Require ALL users to change their voice mailbox passwords to 6 or 8 digit non-trivial passwords. This includes Administrative, General Delivery and System Manager Mailboxes.
  • Disable Outbound Transfer/Dial/Pool Access in administrative programming (COS) for each mailbox.
  • Lock out mailboxes after three unsuccessful password attempts.
  • Disable DISA (Direct Inward System Access) and/or establish secure account codes if possible. (DISA allows someone calling in from outside the PBX to obtain an “internal” system dial tone and dial calls as if from one of the extensions attached to the telephone switch.)
  • Set up restriction filters and apply them to voice mail ports/DNs.
  • Set up restriction filters and apply them to lines and/or setup COS passwords to by-pass restrictions.
  • Disable “Allow Redirect” option for all sets.
  • Make sure systems are upgraded to latest patches.
  • Treat all internal directories, call logging reports and audit logs as confidential. Shred them when no longer needed.
  • Disable remote access to any maintenance ports/modems.
  • Block 1-900, 1-976, and 1010 casual dialing within the PBX/Voice Mail system.
  • Block third-party/Collect calls against the PBX DNs

For more information about how to protect your company against PBX hacking, please contact Sagewood Group: (858) 385-0001 or [email protected]

How to change providers with no down time

A common mistake customers make when switching providers is cancelling their old provider before the new one has completely installed. Some carriers cannot release any phone number to be ported out to the new provider while there is a simultaneous disconnect order in the system. If you have an integrated circuit with both voice and data on it, you will want to make sure your new Internet service is up and running before you port your phone numbers to the new provider. Otherwise, the existing carrier may disconnect the entire circuit that day! Several of Sagewood’s providers offer incentives (like a free month) to help off-set the costs of billing overlap while changing providers.

Building redundancy into your communications plan

What happens if your T1 or Fiber connection goes down?  Have you thought of an alternate number to route your important inbound customer calls to?  Several of our carriers offer a feature that routes your main number and any important 800 numbers to a pre-determined back-up line, cell phone or voice mail in the case of an outage. This is done automatically from the carrier’s switch after they see alarms on your circuit, without you having to call in. This way you won’t miss important customer calls while the problem is being fixed.

Disaster Recovery – Automatically protect your data via the Internet

Events like power outages, server corruption, disk crashes, viruses and natural and human disasters can take your business permanently offline. Protect your data and gain comfort knowing that you can restore complete business functionality quickly in the event of data loss.

With online remote back-up, your data is automatically transferred to a secure offsite storage location via your Internet connection. You can view the status of your backup jobs through a web portal at any time. Rest assured that your valuable information is backed up with anytime, anywhere access. After the initial set-up there is no effort on your part, no tapes to mess with, and no drives to take home.

Email Scanning

A common complaint we hear has to do with “all that spam in my email box!” While computer anti-virus software provides a good level of security, you can go a step deeper if you have more than 20 computers. High-tech email security services provides anti-virus, anti-spam, and intrusion protections that keep malicious traffic off the network by scanning it before it even hits the network