Regulator urges caution after an increase in the hacking process on VoIP
Ofcom has warned businesses using VoIP to step up their security and be extra vigilant after a rise in the number of ‘dial-through fraud’ (DTF) cases, which are costing companies tens of thousands of pounds per month.
DTF involves criminals hacking into a company’s phone line and using it to make calls to premium rate and international numbers.
The National Fraud Intelligence Bureau (NFIB), a division of the police, said there was a spike in reported incidents of the fraud in March, with 36 cases reported compared to 183 between January 2012 and March 2013.
The increase prompted NFIB partner organisation Action Fraud to send out a warning to businesses about the fraudulent practice, citing two businesses in Northern Ireland which were hit with phone bills of £10,000 and £3,000 after their systems were hacked.
Ofcom said it is in discussions with other organisations, including the UK’s Network Interoperability Consultative Committee (NICC) which helps set standards for public communications networks, on updating advice for businesses after it noticed an increase in DTF over VoIP connections.
A spokesman for Ofcom said: “We are currently in discussions with our fellow EU regulators about steps that may be taken to address cross-border fraud and misuse.
“It is important that companies using VoIP systems take steps to ensure both the physical and technical security of their equipment in order to avoid becoming an ‘easy target’ for this type of criminal activity, and they should seek advice from their system or managed service provider in order to do so.
“We are approaching the NICC and relevant trade associations to ensure their advice is updated to help businesses better protect themselves against newer types of dial-through fraud that have emerged as technology has developed.”
BT said in the past 12 months it has intercepted more than 600 cases of DTF by spotting patterns such as unusual spikes in call volumes and calls going out to regions that are known to be popular call destinations with fraudsters.
Gamma Telecom, which has a VoIP-heavy portfolio, said its partners have access to an online portal which allows customers to monitor line usage. It also offers a fraud alert service, through which firms
are notified, or services cut off, if they reach agreed thresholds on the number of calls to certain regions.
EE and O2 said they each have fraud teams in place to protect customers from DTF.
O2 said any attempts to connect its SIMs to a computer, switchboard or the internet result in immediate disconnection.