Blog | Webtel Telephone Management | Multimatics


PBX Hacking. Are you safe ?

PBX telephony fraud is the theft of telecommunications services. It also involves deliberate abuse of the voice network in an attempt to reduce or avoid the charges that ordinarily would have been incurred by the culprit. PBX telephony fraud may be perpetrated either from within the organisation by employees or contractors, or by third-parties outside the company, and often outside the country. Whatever the source, the result is the same – the call costs are forced onto someone else.​

PBX systems are easy targets because they are often implemented by people who are not internet security experts. Maintenance of PBX systems will often be provided from a remote location via the internet, which can leave you vulnerable to a hacking.

What'ʹs in it for the fraudsters?

Well, it's unlikely that fraudster wants to save a few bucks on personal calls, but instead, the fraudster is likely to onsell any available SIP trunks found for high volume traffic purposes.

What can be done?

Ideally, one should disconnect all system access ports and block all outside access to the PBX but in the modern age of IP telephony, this is not really feasible,

The next best option is to block as many users as possible from making international calls, as some of the biggest thefts have involved overseas calls. If your company makes lots of overseas calls, rather open up calls only to the international countries you need. 

The following measures can also be taken:

Block all access at night as many fraudulent calls seem to be made late at night.

Set passwords that include numbers, digits and special characters.

Delete all passwords programmed into the PBX for testing and service purposes, as well as the original default passwords. This may seem obvious, but double check that this has been done.

In addition, the access of ex-employees should be revoked.

Set up a daily report on your Telephone Management System that highlights any exceptional call volumes. Webtel can be set to generate a data alert if call volumes increase beyond an acceptable limit. 

Have you ever considered using your TMS to help your marketing guys ?

Consider how much money is spent on reception areas. Motor dealers, banks & retailers spend millions on ensuring a favorable first impression for their walk in clients. However, an area that is often forgotten is the first impression a client gets when they call your company. IT is usually responsible for the PBX. When last did you hear someone say, "I would much rather deal with the call centre than an individual" or "Wow, that machine on the phone was so helpful". It seldom, if ever,  happens.  Sure, marketing is not responsible for the person or the machine at the receiving end of an enquiry. You are however responsible for the overall impression left.

A huge amount of effort and money is spent promoting brands, products and companies. This is easily spoilt by badly informed staff, annoying machines and inadequate equipment. 

But did you know that lots of information is made available by these machines?  For example: Do you know how long the average caller spends on hold? if you did, your on-hold message could be formatted accordingly. This information is available. Do you know what kind of response you're having to an ad campaign? Once again, intelligent telephone management makes this information available.

Where are your callers calling you from? By centralising your telephony data, statistical reports can be generated and proper business intelligence can take place.

© Copyright 2016 Multimatics (Pty) Limited