Preventing Toll Fraud from Dismantling Your VoIP Operations


Toll fraud… It's something you never want to deal with, but with its ever-growing prevalence, it’s something you can’t risk ignoring either. 

While internet-based tools have made leaps and bounds for organizations in recent years, they’ve also emboldened fraudsters to stir up new ways to hinder your business VoIP operations. In fact, $40 billion USD was lost due to global telecom fraud last year. 

With fraud being at an all-time high, it’s critical to implement security deterrence measures for both employees and your voice infrastructure. Below, we’re covering five best practices for preventing toll fraud from dismantling your VoIP operations. 

How Does Toll Fraud Happen?

Toll fraud is when scammers place calls through your PBX at your company’s expense to generate revenue for themselves. There are several toll fraud subsets in which fraudsters make money, including:

  • International Revenue Share Fraud (IRSF): This takes place when a scammer accesses your phone system, makes calls to premium-rate numbers and takes a cut of the revenue generated from the calls. Typically, the stolen revenue is sold through overseas calling cards or low-cost call tariffs. 
  • Account Takeover (ATO): When scammers gain access to an account, typically through a compromised password, to make expensive toll calls.
  • Wangiri: A callback scam that will ring people from a premium or international number and leave a message that prompts the recipient to call back. In doing so, the scammers rack up expensive call charges from those who fell for it. 
  • Voice Verification Code Spam: Fraudsters launch scripted call attacks on your 2FA (two-factor authentication) codes to generate a high volume of calls through a voice verification function.
  • SMS Verification Code Spam: This scam is similar to voice verification attacks, except instead of scripted calls, scammers will send large numbers of fake text verification codes via SMS. 

Any business or industry using a phone system can be at risk of toll fraud. However, businesses using premium phone numbers and operating in markets with expensive call rates are more likely targeted. 

How Does Toll Fraud Affect Business?

Toll fraud can be difficult to detect early and in many cases, business owners aren’t aware it happened until they receive their next telecom bill. In some cases, business owners have received bills as high as $500,000 for the previous month. What’s worse, is that the inability to make payment while disputing charges could lead to voice interruption and lapse in business continuity– leading to unhappy customers and lost revenue. 

To avoid this nightmare, there are a few signs to look out for:

  • Higher than normal call activity at non-peak times like weekends and holidays
  • High inbound and outbound calls from unusual locations and destinations
  • An influx in customer complaints about your phone line being busy 
  • A surge in dropped or hung up customer calls 
  • Abrupt changes in normal calling patterns
  • Gradual increment on your monthly billing

If you detect any of these signs, it’s best to proactively investigate to avoid a huge bill and further losses that could come from your telecom system going offline. 

Best Practices to Prevent Toll Fraud

Getting ahead of toll fraud is the best way to mitigate the risk. Here’s how you can diligently monitor for toll fraud and take steps to prevent it. 

1. Analyze and define systems that require protection

Before setting up any controls, it’s important to understand your infrastructure, how each connects and the potential risks involved. This includes everything in your telecom infrastructure– not just your VoIP tools.

Areas in which most businesses are vulnerable include:

  • Weak passwords and PINs 
  • Unsecure Wi-Fi network design for remote users
  • End of life PBX and hard phones  
  • Hardware/software missing critical updates 
  • Misconfigured system settings 
  • Lack of firewall and unnecessary protocols like H323 or IAX
  • No international calling restrictions or blocks on premium-rate numbers

As you begin assessing your systems, follow these five steps:

  1. List equipment inventory:  Create a list of all equipment and define the degree and nature of their vulnerabilities.
  2. Complete a risk assessment: Establish the economic impact or other impacts if the equipment is compromised, disconnected or damaged.  
  3. Build a vulnerability reduction plan: Prioritize high-risk assets and set mitigation controls. 
  4. Develop contingency plans: Implement a clear plan of action should a fraudulent attack occur across any of your systems. 
  5. Monitor for PBX network vulnerabilities: Regularly communicate with vendors for potential risks. 

2. Establish policy standards

Employees play a vital role in ensuring your network is secure. Implement company-wide training on security policy standards so they are aware of the role they play in mitigating toll fraud. Your security policy should cover three areas in particular:

  1. Passwords: Begin by implementing a robust password policy with strict requirements. It’s suggested that all passwords should:
    • Be 16 characters minimum
    • Include special characters
    • Require upper and lowercase letters 
    • Require numbers

Additionally, your IT team should require employee passwords to change on a regular basis. As a final best practice, define how many failed login attempts lead to blocked access.

2. Use and user responsibility: Many organizations require employees to sign a user responsibility agreement. This agreement acknowledges that the employee has:

    • Completed training on the types of toll fraud and how to detect it
    • Understands their role in mitigating fraud by monitoring changes in network speed or hindered call quality 
    • Agrees to report fraud attempts to network admins or appropriate IT staff
    • All potential fraud attacks will be documented and disclosed  

3. Downloads: Lastly, your security policy should align with your IT governance standards. With the rapid growth of low-code no-code telecom tools, it’s important to have procedures in place that reduce shadow IT risk that could leave your systems vulnerable. 

3. Back up all configurations

When building your contingency plan, you will want to set requirements for:

  • Maintaining and documenting all updates or backups to the PBX configuration and database
  • Documentation of all data restoration procedures
  • The safe storage of any proprietary data and photographs taken of on-premise connections and equipment 

4. Use security and safety features

Another best practice for mitigating toll fraud is implementing a series of security features across your broadband and internet systems. Suggested security features include:

  1. Establish VPN connections: To help manage multi-office locations and remote workers, provide encrypted connections to your cloud-based technology.
  2. Establish SIP protocol: To forward calls securely, choose either Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) connections. Which one you select may depend on a variety of factors including your personal preference, familiarity, local restrictions or business needs.  
  3. Enable encrypted communications: To help ensure the highest level of security for your calls, implement Transport Layer Security (TLS) and Secure Real-Time Transport Protocol (SRTP) encryption within your SIP connection. 

5. Monitor on-prem, virtual PBX and integrations systems

Lastly, monitoring your tools on an ongoing basis will be critical to preventing toll fraud before the telecom bill catches you by surprise. A few means for doing so include:

  • Auditing your tools: Remove unnecessary and unused tools that could leave your system vulnerable. Additionally, monitor who has access to those tools to reduce shadow IT risk. 
  • Using encrypted SIP trunks: Ensures you only accept calls from trusted sources with high-security standards.
  • Monitoring call logs and billing: Regularly monitor call detail records and call logs to identify out-of-the-ordinary patterns. Additionally, monitor your bills and usage rates so you’re not slapped with any surprises at the end of the month. With so many moving pieces, work with a VoIP provider who has a robust toolkit of APIs that can make monitoring your telecom system easier.
  • Tracking call audio quality: Set up voice quality analytics and notifications to proactively observe and review critical quality performance metrics of every call.

Ensure Your VoIP Provider Prioritizes Your Network Security

While setting up the correct infrastructure to secure your telecom systems relies heavily on IT support, preventing toll fraud is truly a company-wide initiative. Reducing risk relies on two main things:

  1. Implementation of tools that will reduce security risk
  2. Working with a voice provider who considers your network security a priority 

The AVOXI Platform was carefully designed on cloud-based infrastructure to ensure reliable global connectivity and enterprise-grade protection to shield your business from malicious activity. Learn more about our network and security standards

Featured Resource

Telecom Security Toolkit
(Free Download)

A set of free resources for detecting and preventing security risks in your communication networks and technology.