The Easter holidays could provide rich pickings for dial-through fraud gangs with most businesses closed for the four-day break, but there is also a growing threat to businesses while they are open.
We have often used this blog to highlight the threat of dial-through fraud whereby telephone systems are hacked and calls diverted to premium rate numbers to generate ill-gotten gains.
The reason why the Easter break or, indeed, any period where a business may be closed for longer than usual, is that some line providers may not notice this unusual activity until they return to work on Tuesday. If the fraud was instigated on Thursday night, that could mean five days of dial-through activity which could accumulate extraordinary costs which the business will have to pay.
More recently though, we have seen a different type of phone fraud affecting businesses with criminal gangs rather ironically posing as bank anti-fraud experts.
This costs the UK around 1.5 billion per year.
These fraudsters call businesses and control the caller display number, using a technique called spoofing, so it appears they are calling from a genuine bank number. The caller informs the business there has been fraudulent activity on their account and advises them to move their funds into a different account, which is then shared between multiple accounts to quickly move the money on to the gangs.
This has cost UK businesses at least £7 million with charities being the leading target.
Businesses clearly need to be vigilant whether the office is closed or open. It would be pertinent to alert your accounts teams to this new type of fraud. They should understand that banks will never ask businesses to undertake a transaction like this, so any requests like this are suspicious. We would advise them to hang up and report the incident to their bank immediately; never give out any account details, passwords, etc.
Reduce the risk
Meanwhile, as this is the last working day before the Easter break, here are a few tips to reduce, but not eliminate, the risk of fraud:
- Frequently change PINs/passwords (including voicemail), especially when employees leave
- Ensure PINs/passwords are random and strong - do not use the default ones or obvious ones, e.g. 1-2-3-4 or 0-0-0-0
- Disable or restrict access to your voicemail from outside lines, e.g. remote workers
- Disable unwanted features
- Implement an effective call barring plan, e.g. no calls to international or premium rate numbers or no outgoing outside office hours
- Check your network provider can alert you quickly when an excessive charge is incurred
- Ensure your telephone system is fully up to date with current software/security levels
- Conduct a security audit of your telephone system like you would any of your IT systems
- Ensure your staff are fully trained on your telephone system so they fully understand how to use its features and the risks involved
Fraud management service
You can also insure your business against crippling phone bills with our Fraud Management Service.
This not only monitors your lines for fraudulent activity but we limit your bill to £750 per number for any instance of fraudulent activity as the charges can be crippling.
If your system is hacked and they call a £1.50 per minute premium rate number (it can often be more), this will rack up to £2,160 in just 24 hours. This is assuming they have overtaken one line and just for one day. This isn’t a low-level crime and the attackers are sophisticated in their endeavours, so rarely get caught and brought to justice.
A lot of competitors will offer a monitoring service, where they will monitor your lines and notify you of suspicious activity. This is often after the event and you will usually remain liable for the huge charges you have incurred. At swcomms, we proactively monitor your lines, bar them where necessary and limit your liability to £750 per number. If this interests your business, please do not hesitate to contact me.