Call Center

Ask A Pen Tester: What Are Phreaking Attacks & Toll Fraud?

A phreaking attack is a type of fraud where hackers break into your VoIP system in order to make long-distance calls, change calling plans, add more account credits, and make any additional phone calls they want— all on your dime. These hackers can also steal your stored billing information, access your voicemail, and even reconfigure call forwarding and routing strategies.

Toll Fraud is somewhat similar to a phreaking attack, but here, hackers intentionally make an excessive number of international calls from your business phone system so they can get a portion of the revenue the calls generate for themselves. Sometimes known as International Revenue SharingFraud, (IRSF) it costs businesses roughly $10 billion every year.

International premium rate number (IPRN) providers buy and resell phone numbers from carrier groups or country regulators. The hackers then generate a high number of international calls through those numbers, taking their cut through the IPRN.

There are several ways you can insulate yourself from potential VoIP fraud scams. For example:

  • Offer international calling services only to those clients that request it.
  • Implement time-bound spending limits for your international calling service plans.
  • Keep track of off-hours usage spikes and investigate when necessary.
  • Sign shared liability contracts with your clients so you aren't hung out to dry should VoIP fraud occur.

A skilled team of Penetration Testers can pressure-test your system in a controlled environment to identify security gaps before bad actors can take advantage of them. Schedule a discovery session with the team at MindPoint Group to learn more about how we can protect your networks.

More from Our Cybersecurity Experts