Anyone already running an anti-malware is well aware of the risks of running a business with, and through, computers. But what about your phone system? A recent article from The New York Times has exposed an old scam made new by Internet-connected calling systems, and it cost small businesses around the world $4.73 billion, last year alone. “Phone hacking,” as it’s called, involves cybercriminals leasing premium rate phone numbers and getting as many people to call in as they can. Each call earns the crooks a small commission, whether it’s from a real human or not, and so to maximize earnings organized criminals hack in to small businesses’ phone systems. Once access is obtained, the phones – which in many office environments now perform calling through a high-speed Internet connection – can be commanded to call the criminals’ premium rate lines, at the victims’ expense. To avoid detection, criminals will typically target businesses during off-hours, such as nights and weekends.
What makes this a concern for small business owners in particular is that many local carriers providing Internet-based phone services are not required by law to offer anti-fraud protection. This means that if their customers get hacked, their customers have to foot the bill – which can be as much as $200,000 from just one weekend of fraudulent activity.
How can you stay protected? Experts currently recommend turning off automated call forwarding if possible and adopting the use of strong passwords for both voicemail access and for placing international calls. Adopting an active awareness of all the ways your business can be breached – beyond just malware – helps too. For more on this topic, we recommend Emsisoft’s Hacking Identity Theft I and II.
For the original story, see Phone Hackers Dial and Redial to Steal Billions.
Have a great (fraud-free) day!