Preventing Toll Fraud: Tips & Best Practices


Written by: Marissa Filletti, Marketing Specialist 

What is toll fraud?

Toll fraud is one of the most common forms of attack on a telephony network and costs the telecommunications industry billions every year. It occurs when a hacker, or any unauthorized person, gains access to your phone system and makes long distance and/or international phone calls. Before many organizations even realize it’s occurred, hackers can surpass hundreds or even thousands of dollars in charges.

What motivates cyber criminals to do this? In many cases, they’re looking to make calls to other countries without having to incur the cost themselves. In more serious cases, they will even profit by reselling access to your company’s network, racking up fees and charges at an exponential rate.

Here are some tips and best practices for protecting your business against toll fraud:


1) Use strong passwords and pin numbers. Change them regularly.

 Having strong, frequently updated passwords is key in preventing cyber attacks. Strong passwords are hard to guess, longer than eight characters, and contain a combination of upper and lowercase letters, numbers, and special symbols. Similar measures should be taken to secure your voicemail box. Users should opt for 5-6 digit pin numbers if possible, and avoid trivial pins like “1234” or “0000.”

We recommend changing your passwords and pin numbers every 90 days and taking advantage to multifactor authentication when it’s available.

+ MORE ON SECURING YOUR VOICEMAIL: Voicemail boxes are common targets for toll fraud. For added security, we recommend that system administrators delete any unused mailboxes and disable outbound transfer, networking, and off-premise notification.


2) If you don’t need international calling, disable it.

The main motive of criminals committing toll fraud is to make (or sell) international phone calls at your expense. With that in mind, if your business does not utilize international calling, we recommend disabling it altogether. This eliminates the threat of your business incurring these types of charges, even if your system was targeted by hackers.


3) Review your bill and call records frequently.

Reviewing your phone bills and call records in detail is the easiest way to spot suspicious activity. The sooner fraudulent activity is detected, the sooner your system can be secured to avoid further charges and breaches.


4) Refine your company’s security policies.

Toll fraud is common, but many are unaware that it exists. Defining or refining your company’s security policy is a great first step in putting these preventative measures in place and helping all of your team members understand what’s at stake. In addition to outlining necessary steps in preventing data and voice cyberattacks, these policies typically include provisions for firewalls as well as software for virus and malware scanning. Reviewing the New York Shield Act guidelines is a great place to start. 

Beyond taking steps to enhance your security, check your company’s insurance policy for provisions that could insure you against this type of fraud.

If you believe you may have been a victim of toll fraud, contact your carrier or phone system provider immediately. You can speak to a Northland representative by calling (315) 624-2033.