Skip to main content

Even voicemail is susceptible to fraud



In a world of increasing exposure to online security threats, it’s nice to be able to rely on voicemail for risk-free communication. The problem is, you can’t. Your voicemail system can easily be hacked if you don’t take some precautions.

Passwords as passports

In the most common scheme, hackers figure out the passwords for voicemail boxes. Most frequently, they call numbers until they’re transferred to voicemail, and then try different combinations of numbers until they find the password. Once they’re in a voicemail box, they change the greeting to authorize collect or third-party calls.

In some cases, hackers use voicemail to enable lengthy, international conference calls. In others, they distribute the compromised phone numbers to friends and relatives overseas. These individuals can then call the United States, asking that the calls be billed to their “home” numbers. Because such calls are typically placed at times when voicemail is likely to pick up, such as weekends and holidays, the voicemail greeting authorizes the calls and the business is left holding the bill. Phone companies may or may not waive such charges.

Unauthorized calls aren’t the only way that hackers can exploit voicemail. Anyone who gains access to passwords can use them to listen to messages. Thus, hackers can get unlimited access to confidential business information — or employees may even use passwords to monitor their bosses’ messages.

Prevention is essential

Simple precautions can prevent these fraudulent activities. The easiest is to make sure everyone in your company creates a unique password. Fraud perpetrators know that many people either don’t bother to change the default “1234” password or simply use their extension numbers as their passwords.

Changing passwords regularly, just as with computer network logons, is another way to discourage voicemail fraud. Even better, encourage your employees to use six-digit — instead of the more common four-digit — passwords. Hackers would have to try 100,000 combinations to hit on the right one. It’s much easier for them to find default passwords somewhere else.

Another prevention method is to ask employees to routinely check their greetings. Your business may also want to disable international calls, auto-attendant features, call-forwarding and out-paging capabilities.

Endlessly inventive

Fraud perpetrators are endlessly inventive when it comes to scamming individuals and businesses. Contact us for more information on common fraud schemes and how to prevent them.

Please contact us for additional information

© 2018

Popular posts from this blog

Tax Cuts and Jobs Act (TCJA) - Impact on Tax Exempt Organizations

The 2017 Tax Cuts and Jobs Act that was enacted late in 2017 made several changes to the tax laws affecting tax-exempt organizations, including a new Unrelated Business Taxable Income (“UBTI”) tax rate at a flat 21% for any UBTI over the $1,000 standard deduction.  Caution:  These changes will make some nonprofit organizations pay federal tax that have never been taxpayers in the past.

Please follow this link for our client bulletin:
Bulletin

Please contact us for additional information

Novak Francella ranks first in number of multiemployer plans audited

At the 2018 International Foundation of Employee Benefit Plans annual conference the Department of Labor conducted a training session titled "Conversations with the DOL". Included in the presentation is the list of accounting firms that service multiemployer benefit plans and Novak Francella was listed as the firm servicing the most plans! Follow the link for the full presentation ...

Full presentation

Please contact us for additional information