Business telephone fraud – causes and prevention

We commonly see fraud written about in the news, often referring to internet fraud such as phishing scams, Trojan viruses and hacking. As businesses, it is vital to be aware of these risks and take steps to prevent it. However, telephony crime committed against businesses is one of the largest sources of fraud in the UK, 4 times larger than credit card fraud costing £1.5 billion in the last year. And yet this crime is largely unknown to UK businesses because it is not in the public eye, with many companies without protection against this. The average attack of toll fraud can cost upwards of £5,000 so it is vital to be aware of preventative methods to prevent this crime.


How does telephone fraud occur?

There are several ways in which telephone fraud can be committed against businesses and the vast majority occurs from criminals hacking into telephone systems in order to dial premium rate numbers often located abroad. There is a large market for illegally stolen calls as they can be easily turned into profit. Even the most advanced system is vulnerable to this type of crime if unprotected as the methods hackers use are increasingly complex and inventive in order to bypass call monitoring.

Similarly VOIP users can be subject to fraud by individual PBX extensions being forwarded to a long-distance or overseas number; the PBX owner must pay tolls for all of these calls. Voice over IP servers are often flooded with brute-force attempts to register bogus off- premises extensions (which may then be forwarded or used to make calls) or to directly call SIP addresses which request numbers on a gateway; as they are computers, they are targets for Internet system crackers.

Fraudulent diverts can sometimes occur when customers are impersonated, meaning the telecoms provider wrongfully diverts the call to a criminals number. Most telephone providers will request passwords or security questions to allow this, or you may be able to request additional security yourself.

How can it be prevented?

There are several steps you can take to minimise your businesses vulnerabilities to this crime such as:

  • Restrict certain numbers or destinations e.g. premium rate, international calls
  • Analyse PBX call logs and reports for anomalies, out of hours calls, etc
  • Change voice mail passwords on a regular basis and avoid obvious combinations e.g. 1234 or the extension number
  • Lock surplus mailboxes and de-activate all unnecessary system functionality
  • Restrict access to equipment e.g. comms room
  • Safeguard internal directories, call logs reports, etc to prevent unauthorised access

for further information on fraud affecting businesses take a look at our dedicated page below:


NT voice and data offer a fraud protection service on our phone lines and broadband lines to provide customers with additional monitoring to identify a fraudulent attack as soon as irregular call activity appears. For more information on how we can help reduce security threats to your business get in touch by email – By phone – 01623 687750 or by using the help form at the bottom of this page