Sep 17, 2019 The Threat of Toll Fraud Persists
With a toll fraud prevention and mitigation strategy, enterprises can identify and mitigate potential toll threats – sometimes before they even happen.
As No Jitter contributor Joyce Osenbaugh noted earlier this year, telecom fraud is on the rise. The Communications Fraud Control Association (CFCA)’s annual survey of telecom fraud noted 2018 losses amounted to around $28 billion. While that’s down a bit over the last few years, bad actors can still attack enterprise phone systems by fraudulent means.
Cost of Toll Frauds
Toll fraud attacks happen in a variety of ways. In most instances, attacks take the form of International Revenue Share Fraud (IRSF), an approach where attackers exploit a compromised VoIP server to generate large numbers of calls to high calling rate markets. Attackers make their money often by setting up fraudulent companies, or in conjunction with rogue telecom operators. The 2017 CFCA survey noted that of the $29.2 billion in losses that year, $6.10 billion was due to IRSF attacks.
Other forms of fraud include attacks to high-cost 8xx numbers or SIM box attacks that seek to evade telco interconnects to avoid paying tariffs. In addition to these commonplace attacks, many phone calls are simply spam or fraudulent attempts to get unsuspecting receivers to part with their money through several illicit schemes.
Unfortunately, most enterprise telecom leaders still pay little attention to security. As I noted in a No Jitter post this past July, 21.3% of the 645 organizations participating in our Workplace Collaboration: 2019-20 Research Study have a pro-active security strategy. Of those with a strategy, most include audits, penetration testing, and regular patching as key components of their security approach. Only 25% believe that adopting SIP trunking creates an additional security risk.
Read the rest of this post on NoJitter.com