What Is Telephony Fraud and How To Prevent It

Telecommunication hacking (also known as phreaking) is a global problem costing small and large businesses alike an estimated £42.6bn per year. Despite this, many of these businesses fail to factor in any sort of fraud strategy, leaving themselves, their employers, and as a result their customers, vulnerable to the potential risks. But what is telephony fraud, and how can you best protect your business from it?

History and Evolution

Phreaking is most commonly associated with the action of hacking into telecommunication systems to obtain free calls and access. A type of telephony fraud, it began in the late 1950s when hackers worked out through the use of reverse engineering how to manipulate tone dials and re-route signals, as well as impersonating phone operators. It was the blueprint for telephony fraud in later technological advancements, which has now expanded to also include money obtained illegally through telecommunication services. Modern day methods of invading such systems have become incredibly sophisticated and often hard to detect, and so it remains a fundamental concern for businesses.

Given that we can make calls from almost any device, it means there is more chance of hacking and other security breaches. It’s not just phones, but computers too that are at risk of phreaking. What begins with gaining unauthorised access to phone networks and creating incognito group calls on the network’s framework can quickly evolve to breaching and corrupting entire data systems. It can be incredibly damaging for businesses forced to pay out unexpected costs due to fraudulent activities, as well as for the customers linked to their accounts.

Hackers in Action

Take the recent case that emerged last year, where research collated by cyber security agency Crowdstrike found that a group of anonymous hackers had infiltrated a dozen telecommunications companies since 2019. The report stated that the group exhibited “in-depth” knowledge of the network’s architecture, allowing them an easy route into thousands of customers’ phones without needing to breach them directly. 

An alarming case, but unfortunately not a rare one. In the same year, a string of DDoS attacks against UK telecom providers transpired. What made this case particularly unnerving was that many of the providers represented public organisations such as the NHS and the Metropolitan Police. 

Security Hazards

As mentioned before, many businesses are unaware of how vulnerable their systems are to phreaking and other forms of telephony fraud. There are a number of factors to consider when assessing your system’s exposure to hackers. For instance, leaving ports on the router open is often overlooked, but it’s a common way that hackers can gain access. And if the password on the PBX (Private Branch eXchange) hasn’t been changed from the default, it won’t take much work for them to obtain control and route calls to anywhere in the world. We recommend changing your system and employee passwords on a regular basis, and that they involve a mixture of numbers, letters and special characters - no more using password123!

Phreaking often happens if your business uses a VoIP phone line, as these are hosted via the cloud. Although it offers considerable flexibility, such as being able to transfer phone lines and make calls at a lower cost, the system will be associated with an online account, which could be breached without protection. 

Protective Measures

At Voiceflex, we’ve made combating fraud simpler than ever. We developed our own application, Advanced Behaviour Based Analysis (ABBA) to provide an enhanced approach to securing telecommunication protection. It’s crucial to implement telephone fraud protection measures within your business, and with our solution, we offer an exceptional level of analysis, detection and protection to ensure peace of mind. In real-time, we are able to monitor and alert you to any fraudulent activity, and if your VoiceFlex account is at risk, we will automatically suspend it to prevent any further attacks. 

If you would like more information about our telephony fraud protection solution, or to speak to a member of the VoiceFlex team about any of our other services, contact us here.