Blog Post

Easter Telephone Hacking

  • by Mark Townsend
  • 01 Apr, 2018

Have you secured your Business?

Easter is the second most popular time for hackers to attack Business telephone systems. Why is this? They look for the times of the year that Offices are left unattended for the maximum length of time. What is their aim? It is to take control of telephone systems forcing them to dial premium rate numbers that they own and thus earn the maximum revenue.

When a Business purchases a new telephone system it is often from a major player like Cisco. The telephone system will be installed by a reputable telephone installer and Voicemail will be setup as this is a key feature of a telephone system. By default the password to access a Voice mailbox is 1234 and the Business owner as well as all the staff will be advised to change the password. Many do not as 1234 is easy to remember and after all their Voice mailbox doesn't hold any secrets does it?

In a modern day Business where staff work from home or they are out on the road they have a requirement to be able to access their Voicemail when they are not on the premises. Typically this involves dialling their own direct dial number, entering a key sequence and then entering the password for their Voicemail. Over time their direct dial number appears on Business cards, Company websites and at the bottom of e-mails and eventually the number falls into the wrong hands.

So how do criminals break in and rack up phone bills that can exceed £70,000 over 4 days? They ring the direct dial number, enter the key sequence and then try the default password 1234. If they get into Voicemail they can then take control of the telephone and get it to call their premium rate number. If it is a big Business with 100 or more phones they will try all the direct dial numbers as the phone number sequence is usually sequential and if nobody has changed their password they will access all of them and get them all ringing their premium number if there are enough outgoing lines available at the Business.

If you think this is unlikely I have personally been involved in three instances of this during my time providing support for Businesses. Telephone companies do actively look for instances of this happening over long Bank Holidays and sometimes get in contact with you before your return to save the bill from getting too large. Will you get your money back? Sometimes telephone companies help out but you never get all of it back. How do you protect yourself against this? It's easy - when your telephone installer tells you and your staff to change your Voicemail password please take it seriously and ensure it is done.  
by Mark Townsend 10 July 2024
What options are available once Windows 10 reaches End of Support?
by Mark Townsend 14 April 2023
Super fast speed for super low prices
by Mark Townsend 5 August 2022
Does a Mesh Network solve all the problems that Wifi Extenders don't?
by Mark Townsend 26 June 2022
What does end of life mean and what are the options?
by Mark Townsend 31 March 2022
Are low priced laptops a bargain or is there a price to pay?
by Mark Townsend 24 October 2021
Can the Hardware Requirements be side stepped?
by Mark Townsend 4 September 2021
If you are confident in your IT skills then Windows 11 will run on any PC
by Mark Townsend 25 June 2021
Windows 10 won't be around forever after all!!
by Mark Townsend 5 April 2021
Another speedy update is on the way!!
by Mark Townsend 11 March 2021
Can Housekeeping on its own resolve the issue?
Show More
Share by: