Voicemail Security

For GILL Technologies, telecom expense management is a comprehensive service that includes telecom customer service. We pride ourselves on handling technical issues for you. That means we keep abreast of many different trends and issues, including security.

One issue that’s making the rounds right now concerns voicemail security. We’ve received several advisories about professional criminals hacking voicemail systems. Voicemail fraud is typically used to place long distance calls through a system, leaving the billing with you. In an email alert, Bell Canada characterizes this crime as a “global trend.” This is an accurate observation. Telecom-related crime often crosses international borders, making offenders difficult to catch, prosecute or recover damages from.

A voicemail fraudster usually calls a business after hours to get uninterrupted time on the line. The criminal then uses ether automated or manual techniques to steal your password. After getting access to the system, the fraudster uses it to place long distance calls on your bill. If the voicemail configuration allows it, the criminal will make several repeat visits, or even set things up to make it easier to get back in. In fact, your account information may make the rounds with the fraudster’s associates. Eventually, this activity will show up on your phone bill, but that still gives the crook up to a month to exploit your system. This can result in huge bills – and one thing Bell won’t tell you is that they’re not always willing to refund charges that are obviously fraudulent.

Fortunately, voicemail systems have several protections in place – but you have to know what they are, and use them properly. Here’s what security experts advise:

  • Don’t use the system’s default password or passwords that are easy to guess. Criminals have lists of these.
  • Demand passwords with a minimum of six (and preferably eight) digits.
  • Don’t base the password off of publicly accessible information, such as the phone number or extensions.
  • Change passwords every 90 days.
  • The prime target of fraudsters is the system’s through-dialing system, which allows remote long distance calls through the voicemail account. If you won’t use it, disable it. Otherwise, require password authentication for each and every session. Customer support should be able to guide you through the setup.
  • Use management and reporting tools to track the origins and details of every call. Voicemail systems will have these systems in place.
  • Remove unassigned mailboxes.
  • If you’re not sure how a feature works, consult customer service. Lack of knowledge is one of the most common causes of security programs.

The drawback to best practices in security is that they can be labor intensive. That’s why even though most of these tips are common sense, voicemail fraud will probably be around for a while. One advantage of our services is that we can manage this for you. Instead of wasting time on the phone with a provider you can make a quick call to one of our client care representatives. Our cost audits can also uncover suspicious activity and most importantly, serve as evidence when fraud sparks a billing dispute between your company and the carrier. Contact us to find out more.