10. VoIP PBX Fraud Flashcards
What is PBX?
PBX = Private Branch Exchange
The telephone system within an organisation that switches calls between users in the organisation over local phone lines.
Enables users to share a limited number of external phone lines.
The reason is to save money by sharing phone lines rather than paying for an external line for each employee.
Can be managed in-house or outsourced.
What are the different types of PBX?
- Traditional: copper telephone landlines are attached to it. Will accommodate a mixture of analogue and digital communications.
- Cloud-based: hosted off-site and used by the enterprise.
- IP PBX: uses digital phone signals to facilitate calls. Uses Ethernet cables to connect phones rather than traditional phone lines.
What is Phreaking?
Phreaking is the manipulation of telecom signalling to get free phone calls.
For example, in the USA many switches used tone dialling; if someone mimics a specific control tone, they can make calls for free.
AT&T implemented automated switches which used tone dialling.
One of the company's in-house tones was 2600 Hz, which caused a telephone switch to believe that the call had ended while the line stayed open, allowing free long-distance and international dialling.
Allegedly Steve Jobs and Steve Wozniak (Apple co-founders) sold blue boxes that generated the tones that allowed users to make free calls.
The 2600 Magazine also takes its name from this tone.
Why are consumer rates decreasing in the telecommunications industry?
◼ Privatisation of Government-owned Telecom
◼ Cellphone Plans Replace Landlines
◼ Unlimited Plans
◼ Elimination of Roaming Charges in EU
◼ Introduction of VoIP
◼ Devices such as adapters that allow free internet calling (e.g. adapters that support Google Voice)
What is PBX Fraud?
PBX fraud involves individuals setting up premium-rate call services, then hacking into companies and using their phone lines to call those premium services, running up big bills (generally out of office hours).
How are the company's phone lines hacked in PBX fraud?
- Calls made to business lines out of hours go to voicemail. Some companies allow users to remotely access their voicemail with a PIN. The default PIN was often the last 4 digits of the phone number. There was often an option to forward calls to another number.
- Hackers would gain access to the voicemail using the default PIN, then forward calls to a premium-rate service owned by the hacker. Any calls made to that extension would be diverted to the premium number and a big bill run up.
Why are VoIP phones vulnerable to hacking?
VoIP phones are unintelligent and rely on other systems such as a PBX. When a VoIP handset is picked up it connects to the PBX.
The PBX instructs the phone to play a dial tone.
When numbers are pressed, the PBX tells the phone to play a digit tone.
Once the correct number of digits has been input, the PBX connects the call.
Many PBXs lack proper security, so if the IP address of an insecure PBX is known, calls can be made that originate from that organisation, including international or premium-rate calls.
Hackers can use robo-diallers to make multiple calls to pay-per-minute premium numbers, paid for by the company, just by knowing the IP address.
What are the problems that companies using PBX services face?
◼ Company Liable for Charges (built into the phone contract)
◼ Lack of In-house Expertise to Properly Configure a PBX
◼ Problem with Remote Workers - Office Desk Phone at Home. The PBX must be configured to allow calls initiated from the internet
◼ Charges Frequently Total >$60,000 Over a Weekend
◼ International Jurisdiction Makes Investigation Difficult
◼ Lack of Reporting - often unreported because the company fears bad publicity
What is the CFCA (Communications Fraud Control Association)?
A non-profit association that provides information about:
◼ Risk Management
◼ Loss Prevention
◼ Fraud Control
They estimate that Telecom fraud costs $30 billion annually.
What are the three types of Telecom fraud that contribute to the $30 billion annual loss?
Voice Fraud
IPX Fraud
SMS Fraud
What is Voice Fraud?
◼ Abusive / Fraudulent Calls to individuals for Profit
◼ Access to Operator’s Network to Call Premium Numbers
◼ AKA International Revenue Share Fraud (IRSF)
What is SMS Fraud?
International text messages take multiple routes to reach their destination, each with different costs associated.
◼ Hackers Use Illegal / Unauthorised Routes which are cheapest, thereby depriving Operators of Termination Revenues
They may also take control of operator SMS centres to:
◼ Use SMS to Solicit Consumers to Make Premium Calls
◼ Distribute Mobile Malware
What is IPX & Signalling Fraud?
◼ SS7 Signalling Fraud - vulnerabilities are attacked during roaming and international calls. This allows:
- Subscriber Phone Hijacked
- Spam SMS Messages Sent
Other attacks that roaming subscribers may be vulnerable to:
◼ Intercept Personal Data of Roaming Subscribers
◼ Sell the Roamer's Sensitive Data to Cyber Criminals
◼ Distribute Mobile Malware
What are the types of Telecom Fraud?
◼ Europol Report - €29 billion Annually lost to Telecom fraud.
Types:
◼ Vishing
◼ One (ring) & Cut or Wangiri
◼ International Revenue Sharing Fraud (IRSF)
What is Vishing?
Vishing is phishing carried out by phone.
Victims are tricked into divulging personal, financial or security information, or into transferring money to the fraudster.
What is One (ring) & Cut or Wangiri?
The fraudster sets up a system to bulk-dial a large number of calls.
Each phone is rung just once, then the caller hangs up.
Victims see the missed call and phone it back.
The return call goes to a premium-rate number, so it costs the victim.
What is International Revenue Sharing Fraud (IRSF)?
International Revenue Sharing Fraud (IRSF) has been the most damaging scheme to date.
It involves transferring monetary value from one carrier to another based on the inter-carrier trust between telecom operators. The fraudsters wait for the logs to expire before any further money-laundering steps are taken.
What are Robocalls?
◼ September 2019 - 200 million Calls Daily in the USA attributed to Robocalls
◼ nomorerobo.com - allows subscribers to block known robocalls
◼ Federal Trade Commission (FTC) Investigates
- Money Sent to Impacted Subscribers
◼ Canadian Radio-television and Telecommunications Commission (CRTC) has investigated. The calls are in violation of:
- Unsolicited Telecommunications Rules
- Canada’s Anti-Spam Law
◼ 2020 Robocall Investigation Report
- Transaction Network Services
Example of a VoIP investigation
◼ January 2020 - Complaint Filed in the Eastern District of NY
◼ Conspiracy to Commit Wire Fraud
◼ Jon Kaen, Global Voicecom
- Gateway Carrier
◼ VoIP Carrier
◼ Facilitated Robocalls from Foreign Call Centres
◼ Spoofing Government Telephone Numbers
◼ Fraud Schemes
◼ 465,000 Complaints - $14 million