BBB warning businesses of new phone hacking scam
ABILENE, Texas - The Better Business Bureauis warning businesses about a new phone hacking scam.
Below is detailed information about the scam, how it works, and what to do if you think your business has been hacked.
From the Better Business Bureau:
Two local businesses have told BBB their phone system has been hacked.
A phone hacking scam is a form of fraud that occurs when hackers break into a company's voice mail system and rig it to either accept collect calls or place outgoing calls to international phone numbers – usually running up thousands of dollars on the business's phone bill before they're stopped.
Here's how it works: A hacker calls into a company's voice mail system and searches for voice mailboxes that still have the default passwords active – or have easily-guessed combinations, like 1-2-3-4. Once he's "in", the hacker will change the voice mailbox's outgoing greeting to "Yes, operator, I will accept the charges."
Next, he'll make a collect call to the number he's just hacked. When the automated operator "hears" the voice on the other end of the phone say, "Yes, operator, I will accept the charges," the call is connected. The hacker then uses this connection for long periods of time to make other international calls, usually on holiday periods or weekends.
Phone systems that allow users to forward calls or messages to another phone number are also vulnerable because the hacker programs the phone to forward calls to an international number. Then, Mr. Hacker is able to call all of his scammer friends in other countries on someone else's dime.
Here's how to protect your company's phone system:
1. First, change default passwords as soon as possible, and replace them with strong passwords. Using 1-2-3-4 or your extension number as your password. Trust me, it isn't fooling anyone. 2. Turn off any unused or un-monitored extensions or phone numbers, and check your outgoing message regularly to ensure that it's really your message. 3. Next, contact your phone provider and ask them to restrict international calls, calls to premium phone numbers, collect calls and calls made outside of normal business hours. Also consider disabling features like call forwarding, if they're not being used. 4. Lastly, ask your provider if it has any more advice on how to make your phone system more secure.