You’ve invested a lot into your collaboration and communications solutions, and as today’s systems have gotten more advanced, so have the ways that they can be compromised. Most organizations spend significant time and money protecting their systems from exploits while overlooking one of the biggest attack vectors, toll-fraud via their PSTN or IP-based telephone systems. When this happens, an organization may find itself the victim of toll-fraud to the tune of thousands of dollars.
A common form of toll fraud attacks is when bad actors illegally exploit the programming and dialing-rules within a telephone system for financial gain. With control of your system, the attacker can resell access to others making expensive long-distance calls, or they can run up call charges on premium-rate numbers to get a cut of the revenue generated. Either way, the bad actor gets paid, and you end up with the bill.
Toll fraud attacks can happen via traditional PSTN phone services but most commonly happen via SIP or IP-based communications with telephone equipment. There are ways to minimize this attack vector: Stringent dial-plan programming, least-required-access calling permissions for end-users and systems, and anomalous communications detection, to name a few.
Whether your communication system has been in place for years or is relatively new, consider letting a Cerium specialist review the configuration for best practices implementation. Even if Cerium initially deployed your solution, changes made over time may have unknowingly opened opportunities for toll fraud exploits. A Cerium health-check will ensure your platform is ready to deter phone-system fraudsters.
Our Toll-Fraud Health-Check provides a review of your dial-plan, calling-permissions, and the security features of your telephone system and associated core applications such as voicemail and firewall traversal applications. For under $1000 of professional services from Cerium Networks, our engineers will track down opportunities that could exploit your system and make actionable recommendations for minimizing the attack vector presented through the PSTN and IP communications. At the end of the discovery engagement, we deliver a detailed report of our findings, known vulnerabilities in the configuration and suggested remediations. For minimal additional professional services, we will make the changes for you as well.