PBX Fraud - What is a Telco's Responsibility?

Forums › ICT Policies and Regulation › PBX Fraud - What is a Telco's Responsibility?

Mycenius

106 posts

Master Geek

ID Verified

Lifetime subscriber

#57078 2-Feb-2010 16:40

Hi All,

Can anyone tell me what the Telco's responsibility is with regard to Fraud Calls made by hacking a PBX (e.g. using voicemail to redirect local DDI number calls to an external international number)? I realise that the PBX itself is the owner's responsibility but is there a responsibility on the Telco to advise a customer should Fraud-like activity be occurring on their account (e.g. repeated calling to the same numbers in somewhere like Somalia or Nigeria that the customer never calls, calls occurring every 2-5 minutes 24-hours a day with multiple calls simultaneously, and over a period of several weeks blowing out the value of charging of the customers account by 1000% in one month - e.g. from $10k to $120k - so in a single week there is 3 times the normal charges).

I understand that Telecom actively monitor for this and advise a customer within a few days of it starting (i.e. unusual activity or excessive extraordinary charges being incurred); and that in many cases Telecom actually waive the costs to the customer... (much the same as how Credit Card Companies operate with Credit Card Fraud).

But apparently other Telco's do not - Does a customer (especially a Small/Medium Business) have recourse to the Telco over this (and do Telecom always do as described above) - As the customer has no way to monitor their activity until they get the bill at the end of the month they are totally reliant on the Telco's vigilance and pro-activeness to protect them?

Also is there a specific authority to talk to about this type of fraud (other than reporting to the police) - I'm investigating with a couple of consumer rights organisations but when it's a company that is the victim what are it's rights?

Many TIA for any further enlightenment/guidance/thoughts on this issue...

“Two things are infinite: the universe and human stupidity; and I'm not sure about the universe.” -- Albert Einstein

1 | 2 | 3 | 4 | 5 | 6

19282 posts

Uber Geek
+1 received by user: 2526
Inactive user

#295453 2-Feb-2010 16:45

Its not a telco issue any warning is good will

maverick

3594 posts

Uber Geek
+1 received by user: 80

Trusted

WorldxChange

#295456 2-Feb-2010 16:53

Just what I was going to say John :), you do understand that the carriers have to pay for the calls ?, is it their responsibility for a poorly secured/configured PABX,

I feel for a customer that this happens to but also know that there is a cost and sometime large costs for the Telco to wear and it always appears as though the customer always wants the Telco to wear these costs, straight away by the look of this they are looking for something to get out of it and looking to punish the Telco.

Some Telco's will have monitoring on some commercial accounts ,some will have credit limits so as to limit any libility from this type of thing happening, best idea is to try and work with the Telco to reduce the bill maybe ask them to look at cost only , but by the looks of this they are just wanting an out

Yes I am a employee of WxC (My Profile) ... but I do have my own opinions as well

https://www.facebook.com/wxccommunications

Mycenius

106 posts

Master Geek

ID Verified

Lifetime subscriber

#295458 2-Feb-2010 16:55

I would expect any unusual activity on a phone account to be raised by a Telco with it's customer - exactly as a Credit Card Company does - the principle is identical and there is a responsibility on the Telco to act in the best interests of, and on behalf of, their customer... If a customer has no way to see activity on their account until a week or more after a billing period has ended it is unreasonable for the Telco to not take responsibility for notifying the customer of unusual activity... We are not talking about 1-2 fraudulent calls here - we are talking about ongoing extreme and unusual activity 24 hours a day for many weeks incurring 12 months worth of typical charging in just a month...

What you are saying is tantamount to Toyota USA saying 'tough luck about the accelerators, not our problem, you bought the car'... (i.e. we'll take your money but won't take any responsibility). In the example I give the fact the calls originated from PBX fraud is irrelevant, as to some extent is who pays afterwards, its awareness of the unusual and excessive activity on the account that I am raising the spectre of responsibility over...

“Two things are infinite: the universe and human stupidity; and I'm not sure about the universe.” -- Albert Einstein

PenultimateHop

637 posts

Ultimate Geek
+1 received by user: 2

Trusted

#295459 2-Feb-2010 17:05

1. It is absolutely the customer's problem[1] if their PBX is compromised and used to make calls. They have an agreement with the telco to pay for calls originating from their trunks. This is similar when someone's PC is used as a spam origination point due to a trojan -- the ISP is within their contractual rights (usually) to disconnect the customer even if they themselves were not actively spamming. Same if a trojan puts you over your data cap...
2. Customers can view their call stats, either from the PBX itself or from online billing information from many telcos, before the monthly bill comes.
3. The telcos should be monitoring for this sort of problem, but only from a credit control perspective: if the bill jumps from $10K to $120K suddenly, there is a very good chance they're not going to recover that $120K... That said many telcos in my experience will work with the affected customer to reduce/waive the charges, although as pointed out they too have incurred costs in carrying those calls.

[1] If the PBX is maintained by a service company or under a support contract, it would be reasonable for the customer to place the blame on them.

AndrewTD

292 posts

Ultimate Geek

Trusted

Lifetime subscriber

#295464 2-Feb-2010 17:17

I have had a very similar thing happen to me.
It was a painful experience to go through, and I can empathise with you on that front.

But, it is absolutely not the Telco's responsibility.

This problem really only arises (or more specifically, can be exploited) when a PBX is not configured properly. I.e it has an insecure dial plan.

On many PBXs these days, especially IP ones, you can monitor call records yourself. So, if you really wanted to, you could fairly easily configure alerts for untoward calling volumes/patterns, on say an hourly or daily basis. Not the job of the Telco to do this though.

kind regards Andrew TD

maverick

3594 posts

Uber Geek
+1 received by user: 80

Trusted

WorldxChange

#295475 2-Feb-2010 17:35

What you are saying is tantamount to Toyota USA saying 'tough luck about the accelerators, not our problem, you bought the car'... (i.e. we'll take your money but won't take any responsibility).

Not the point I was trying to make at all, The PABX was misconfigured to allow fraudulent use, it would be like in your example the Toyota being brought new and modded by someone and then blowing up, it waouldn't be Toyota's fault was it... a rough example but the gist is the PABX has been badly configured by the customers PABX represntative.

Yes I am a employee of WxC (My Profile) ... but I do have my own opinions as well

https://www.facebook.com/wxccommunications

Mighty Ape

Shop now at Mighty Ape (affiliate link).

old3eyes

9158 posts

Uber Geek
+1 received by user: 1364

Subscriber

#295501 2-Feb-2010 19:00

One of the easiest way to prevent toll fraud via voicemail is to make all the voicemail ports Intl barred as a minimum ..

Regards,

Old3eyes

nathan

5695 posts

Uber Geek
+1 received by user: 1630
Inactive user

#295506 2-Feb-2010 19:29

how to the hackers make money from this?

do they get kick backs from the telco's in the overseas locations the PABX is calling?

maverick

3594 posts

Uber Geek
+1 received by user: 80

Trusted

WorldxChange

#295511 2-Feb-2010 19:41

Common trick or tricks,

Generally seen by dodgy offshore number ranges & operators, they terminate to a number which holds up the call for a period of time the carrier gets the terminating revenue, they will employ people to actively look all round the world for Mail systems to do what has probably been done here, comprise a vmail system with poor or no password access and allows call forwarding. Seen a lot from third world / developing countries.

Or a dodgy provider that sells really cheap minutes low quality calls to people , business, carriers and uses the same technique.

Yes I am a employee of WxC (My Profile) ... but I do have my own opinions as well

https://www.facebook.com/wxccommunications

johnr

19282 posts

Uber Geek
+1 received by user: 2526
Inactive user

#295514 2-Feb-2010 19:48

If someone stole the petrol out of your car one night would you expect the gas station down the road to give you a tank of free gas?

nate

6473 posts

Uber Geek
+1 received by user: 458

Retired Mod

Trusted

Lifetime subscriber

#295602 3-Feb-2010 00:55

Mycenius: As the customer has no way to monitor their activity until they get the bill at the end of the month they are totally reliant on the Telco's vigilance and pro-activeness to protect them?

You should never rely on the telco to alert you for unusual use. All VoIP PBXs I've seen have some form of logging all inbound/outbound calls.

If a telco does credit you back any fradulent calls, I would count my lucky stars, then fire the staff member or company who didn't properly secure your phone system, and get someone onto it who knows what they are doing asap.

Geekzone

Want to support Geekzone and browse the site without the ads? Subscribe to Geekzone now (monthly, annual and lifetime options).

Bung

6733 posts

Uber Geek
+1 received by user: 2926

Subscriber

#295612 3-Feb-2010 06:40

johnr: If someone stole the petrol out of your car one night would you expect the gas station down the road to give you a tank of free gas?

This looks like you're labouring the point a bit. A more appropriate analogy would be would fuel card usage, you should monitor individual use but the card company can assist with some antifraud options.

jpollock

600 posts

Ultimate Geek
+1 received by user: 5

Trusted

#295659 3-Feb-2010 11:19

While it isn't the Telco's fault, I think they should all track usage and look for fraud. At the end of the day, huge fraud bills are difficult to collect. Either the person has insurance and you have to wait for the insurance investigation, or they don't and they go bankrupt to avoid it.

Either way, it's expensive to resolve the bill. Better to detect the problem early, and avoid it. The customer is happy (whew, dodged a bullet, thanks Mr Telco), and the accounts receivable team is happy (whew, dodged a bullet, thanks Mr Network Monitoring!).

Fraud happens all the time - even to Telcos.

Frauds also have a really, really bad habit of going viral in a hurry, and when it does, then the network monitoring team notices because their traffic goes through the roof.

For a PBX, they probably set it up as a second dial trunk. The PBX forwards to a number which provides another dial tone for the final call leg. The thieves then route their calling card service to it....

Someone figures out how to make a free call, they set up shop by a payphone (or a shopping mall now), and offer cheap calls for to Y country. Say, $1, talk as long as you like.

There was a payphone fraud in Ontario in the 90's that was found, went viral and shut down inside of 24 hours - however, they lost an insane amount of money connecting calls to India, Nepal, Singapore, etc.

---
http://blog.jason.pollock.ca

Mycenius

106 posts

Master Geek

ID Verified

Lifetime subscriber

#295672 3-Feb-2010 11:58

maverick:

Not the point I was trying to make at all, The PABX was misconfigured to allow fraudulent use, it would be like in your example the Toyota being brought new and modded by someone and then blowing up, it waouldn't be Toyota's fault was it... a rough example but the gist is the PABX has been badly configured by the customers PABX represntative.

In the case I am referencing this is not the case - the PBX was configured as securely as possible for the model/type of PBX. There is a common misconception that all PBXs & VM systems can be configured to prevent this which isn't the case...

My philosophising is not about the actual payment of the costs (as Telco's do have costs they can't write off and such and I do not expect them to bear the costs) - it is more about the responsibility of the Telco to advise/help the customer when such activity has been ongoing for a prolonged period... The difference between a customer having to deal with a week versus say 4 weeks of such fraudulent activity...

Many of the responses here are the 'we'll take your money but not any responsibility' type of response... The fact is I know Telecom do do this for their customers (well at least some of them), and my question remains should not all Telco's, and should not they have some responsibility to alert a customer if their is unusual activity on their account? E.g. PBX gets hacked, has a month's worth of charges run up as international calls in 3 days and it continues - the customer has absolutely no way of knowing this is happening until they get their monthly account 5 weeks later, however if the Telco had advised after 1 week there was excessive and unusual activity the customer would only face a few days of fraudulent charges not 4 or 5 weeks or more?

Since not all PBXs and VMs can be secured safely in a way to guarantee this can't happen there is always the possibility of it happening (and contrary to what's been said here you'd be lucky if 25% of PBX systems are of newer types with the enhanced security & functions referenced)... Also contrary to some comments above not all PBX's & VM systems have adequate logging facility nor is it practical to access them nor reasonable to expect people to do so on a daily basis... As per Ol'3eyes comment blocking VM from International is a option, but only if the system has the functionality, and some/many don't (e.g. you can only block all outgoing calls from VM, or block all tolls, or in some cases can't block any at all).

JPollock your comments are on the track where I am coming from - If there was fraud on my Credit Card (or Farmers Card, or whatever) my Credit Card Company would advise me immediately and block the activity; if there was fraud on my Fuelcard for my car the Oil Company would do likewise; If my water usage at my home is considered unusually high the Council advise me (usually via letter to check for leaks) and if it's exceptionally high will come on site immediately to check; etc; etc...

Note: This is not about bagging the Telco's or anything - simply that I have been involved with such an incident recently and am simply rather gobsmacked to find that most Telco's (in NZ) appear to not have even the most rudimentary form of monitoring for unusual activity on their clients accounts... (regardless of how or where that activity occurs or originates).

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41024

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#295673 3-Feb-2010 12:03

I personally think this is a more serious topic than the mainstream media making noises because of bill shock for some people who roam around the world with their iPhones and don't realise they actually have to pay for it...

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

1 | 2 | 3 | 4 | 5 | 6