PBX fraud facts and prevention information

PBX Fraud Frequently Asked Questions

When I get hacked, who is going to pay for the calls?
Who are these people and why are they stealing calls?
Why don't the carriers write off these charges?
Why is identifying or stopping the fraudulent calls the customer's responsibility?
How will the hacker find my system?
How do I justify the expense of corrective action when we have not suffered a loss?
What is a PHREAKER?
How does a hacker gain access to my system?
Why is it important to protect my Maintenance/Administration Port?
How do hackers know which CBX / PBX type and brand of Voice Mail I am using?
How does a hacker use my Voice Mail?
I understand why a larger user must be concerned, but I'm a small business in a rural community. Why should hacker activity concern me?
What happens when a hacker finds my Maintenance / Administration Port?
What is FAX back fraud?
What is different about this theft from other forms of fraudulent activity?
What do you mean that it has migrated?
What can we do to protect ourselves from these crooks and con artists?

1. When I get hacked, who is going to pay for the calls?

Your company is responsible for all charges incurred on your system. Recent court decisions and filed tariffs make you, not the carrier, responsible for the security of your CBX / PBX system if you have not taken steps to protect your assets.

2. Who are these people and why are they stealing calls?

Today, communication theft is perpetrated from remote distances by highly skilled, technologically sophisticated criminals who have little fear of being detected, let alone apprehended or prosecuted. These criminals conduct a growing business selling access to communications systems all over the country.

3. Why don't the carriers write off these charges?

Today, fraudulent calls are placed over many different Inter-Exchange Carriers (IXCs), and each carrier must pay for the portion of the call it handles. When the call is placed to an international location, the domestic carrier must pay the foreign carrier regardless of the fraud. Court cases, divestiture and FCC rulings prevent carriers from writing off calls. You, the end user, control access to your systems.

4. Why is identifying or stopping the fraudulent calls the customer's responsibility?

Only the customer can differentiate legitimate calls from fraudulent ones. The long distance carriers do not have access or permission to work on your CBX / PBX, the vehicle that hackers use most to conduct their activities.

5. How will the hacker find my system?

    1) Criminals pay for a CBX / PBX maintenance port number and password.
    2) Hackers 'scan' using auto-dialers to find systems equipped with modems.
    3) Your company's telephone directory listing or your 800 service advertising makes you known to the hacker.

6. How do I justify the expense of corrective action when we have not suffered a loss?

Past performance is not an accurate indicator of present threats. The equipment and the motivation to perpetrate this criminal activity did not exist more than a few years ago. Just imagine attempting to explain the United States freeway system to the early inventors of the railroad, or explain to a rural builder of windmills that the windmill would be an alternate energy source.

Educate your Executive council about the pitfalls of not protecting your Corporate assets and enlist their support by implementing a Corporate policy on unauthorized access as your first step.

7. What is a PHREAKER?

A Phreaker exploits the omission of security controls in your system that occurred during installation or repair. The Phreaker steals from your system without the need to change any of your parameters. The only tools required to be a very good phreaker are patience and social engineering skills.

8. How does a hacker gain access to my system?

Hackers use computerized calling programs, automatic dialers, and sophisticated software to break your system's security and pass codes. Hackers attempt to gain access in the following order:

    1) Phone Mail / Voice Mail
    2) Automated Attendant
    3) Remote Access or Direct Inward Service Access (DISA)
    4) Remote Maintenance / Administration Port

9. Why is it important to protect my Maintenance/Administration Port?

This is the most important port on your CBX / PBX system. Hackers gain access to your system software and control your Voice Mail, DISA and other CBX / PBX features through the maintenance port.

10. How do hackers know which CBX / PBX type and brand of Voice Mail I am using?

Hackers identify the type of CBX / PBX by the login procedure used for each system. They know the pass codes for each vendor's CBX / PBX. Hackers also recognize the various Voice Mail and Phonemail systems by the default digitized voice recordings.

11. How does a hacker use my Voice Mail?

    1) Through your Voice Mail the hacker is able to use your CBX / PBX "trunk-to-trunk connections" feature to access your long distance network.
    2) Your Voice Mail might also be used as a "bulletin board" to distribute stolen credit card and other hacker-related information.
    3) They may change your greeting to "Hello!...pause....Yes, I'll accept the charges to Zaire."

12. I understand why a larger user must be concerned, but I'm a small business in a rural community. Why should hacker activity concern me?

Hackers use auto-dialers to search entire area codes to find systems to hack; they do not care who or where their victims are. No one is safe, and smaller companies may be less able to absorb the average loss ranging from $10,000 to $80,000 per incident.

13. What happens when a hacker finds my Maintenance / Administration Port?

Hackers use manufacturers' default passwords or computer-generated cracker programs until they find a usable password. They then enter a system unlawfully and make software changes that allow unauthorized calls. Information on how to use your altered system is then sold to "call sell operators" who sell calls over your system to whoever wishes to place calls. These calls are typically made from public telephones (pay phones) in large metropolitan cities.

14. What is FAX back fraud?

The theft consisted of compromising a system set up to deliver FAX information. The system accepted incoming requests for catalogs, product information and investment opportunities. These requests were stored with a call-back number. During off-peak hours the system delivers the requested information via a call back. The company sending out the information pays for the call. International tele-thieves requested information that in reality was transmitted to an international "Party Line" pay-per-call number. This number answered with FAX tone and threw the incoming message away. The thief may request 100 copies of the information and attempts to collect $3.95 per minute, plus the cost of the international call, from the unsuspecting victims.

15. What is different about this theft from other forms of fraudulent activity?

There are three major differences with this case:

    1) The call is processed as data, not voice.
    2) An international organization is required to: find the victim, set up the call, collect the money and manage the administration in a foreign location.
    3) The theft or scheme has migrated and expanded in form and severity.

16. What do you mean that it has migrated?

When first discovered, the theft required a victim to have FAX Back Service. The thieves then migrated to "looping through a CBX". Now they are using cheap throwaway FAX machines and clip-on fraud to attack everyone, even homes and apartment buildings.

The thief places an incoming call from Germany to a target system in the US. They dial out of that system to the "Pay per call" number in a foreign country. They do not need FAX back service and are in control of the origin and termination of the call. This scam has resulted in bills of up to $80,000 being incurred by victims in a weekend.

Criminals are buying cheap battery-powered FAX machines and clipping them on to exposed telephone wires. They call the international number and charge a $400 to $500 call to the victim.
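
The looped call described in this answer leaves a recognisable trace in call detail records: an inbound trunk bridged to an outbound international number, usually outside staffed hours. The following added example (not part of the original FAQ) reviews a constructed CDR export for that pattern; the column layout, the 011 prefix test for North American dialing, the business-hours window and the 60-minute limit are all assumptions.

```python
import csv
import io
from datetime import datetime

# Constructed sample CDR export (hypothetical column layout, placeholder numbers).
SAMPLE_CDR = """start,origin,origin_id,dialed,seconds
2024-03-08 14:02:11,ext,2104,17025550100,340
2024-03-09 02:14:40,trunk,T01,0114400000000,3120
2024-03-09 02:15:05,trunk,T02,0114400000000,2980
2024-03-09 03:40:19,ext,2117,0113300000000,95
2024-03-10 23:51:02,trunk,T01,0114400000000,3600
2024-03-11 10:20:45,ext,2104,0114900000000,610
"""

INTL_PREFIX = "011"             # NANP international access code (assumed dial plan)
BUSINESS_HOURS = range(8, 18)   # assumption: staffed 08:00-17:59, Monday to Friday

def off_hours(ts):
    """True on weekends or outside the assumed staffed window."""
    return ts.weekday() >= 5 or ts.hour not in BUSINESS_HOURS

def review(cdr_text, minutes_limit=60):
    """Return (flagged international calls, destinations over the minutes limit)."""
    flagged, minutes = [], {}
    for row in csv.DictReader(io.StringIO(cdr_text)):
        if not row["dialed"].startswith(INTL_PREFIX):
            continue                                  # domestic call, out of scope
        ts = datetime.strptime(row["start"], "%Y-%m-%d %H:%M:%S")
        reasons = []
        if row["origin"] == "trunk":                  # call arrived from outside
            reasons.append("trunk-to-trunk")
        if off_hours(ts):
            reasons.append("off-hours")
        if reasons:
            flagged.append((row["start"], row["origin_id"], row["dialed"], reasons))
            minutes[row["dialed"]] = minutes.get(row["dialed"], 0) + int(row["seconds"]) / 60
    over = {d: round(m, 1) for d, m in minutes.items() if m >= minutes_limit}
    return flagged, over

if __name__ == "__main__":
    calls, over = review(SAMPLE_CDR)
    for call in calls:
        print(call)
    print("destinations over limit (minutes):", over)
```

Run against a daily export, the second return value is the one to alert on: a single foreign destination accumulating flagged minutes over a weekend is the billing pattern this answer describes.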

17. What can we do to protect ourselves from these crooks and con artists?

As with your personal lives, the better informed you are about the risks, the better protected you are. Stay on top of the threats and form "A NEIGHBORHOOD WATCH" team that includes: a current policy on security, a secure system configuration, your Long Distance Carrier and a team approach to security and service with your equipment vendor. Do not let management or your company be taken by surprise. This is one disaster that is very predictable and equally preventable.

Remember that you will be a victim. You control the severity of the attack. In 1995 the Department of Defense conducted Tiger Team Attacks and out of 8,932 attempted break-ins, 393 were discovered and only 86 were stopped. Hackers and Phreakers are much easier to stop from breaking in than they are to evict.

Insist on seeing evidence that your Long Distance Carrier and your Local Exchange Carrier will join your team. The carrier must have an adequate plan to identify theft of service, a client education program and a plan to provide you with assistance beyond their control.

TeleDesign Security
7575 W. Washington Ave., Ste 127
Las Vegas NV 89128
1.866.719.4715