Toll Fraud – The Latest Threat to Businesses

When you hear about ‘hacking’, you automatically think of attempts to gain access to your data, or your website. Whilst these are of course very real threats that cost businesses billions collectively, there is something else that is becoming a significant problem, and that is telephone hacking, otherwise known as ‘toll fraud’ or ‘phreaking’.

What is Toll Fraud?

Toll fraud is carried out by criminals who hack into phone systems and use them to make calls to premium rate or international numbers. In doing so, they run up bills of thousands of pounds. And it’s the owner of the line that is liable for the bill, without exception.

Most toll fraud happens out of hours when it is least likely to be detected. Evenings, weekends and bank holidays are the most common times. The fraudsters are only too aware of the lack of monitoring during these times and take the opportunity to dial into a phone system, locate an unsecured voicemail box and start making calls to wherever they choose.

What can Lead to Toll Fraud?

Problems mostly arise when voicemail boxes, modems, routers, networks, phone systems and the computers that operate them are not adequately password protected, perhaps because passwords are left as default, rarely changed, written down, shared or just not strong enough. Powerful auto diallers are used to randomly search for insecure passwords, more often than not with great success.

Other ‘ways in’ include inbound reverse charge calls and callers repeatedly asking to be transferred until they reach an outside line. Operators should look out for continuous hang-ups on inbound calls; wrong numbers; silent calls; callers asking for invalid extension numbers and obscene calls. Expect deceit, cunning and persistence.

How to Head the Fight Against Toll Fraud

It is near impossible to completely avoid toll fraud, but there are numerous measures that can be taken in order to reduce the risk of it occurring. Here is a checklist:

• Educate all staff who use your telephone system in any way in the dangers of toll fraud
• Introduce policies on accepting reverse charge calls: either say no altogether, ban any from overseas or verify the identity of the caller.
• Restrict outbound calls to all or selected overseas destinations.
• Consider placing restrictions on outbound calls from certain extensions or on the quantity that can be made or the times dialling out is permitted. For example you could put a halt on outbound evening or weekend calls.
• Ensure mailbox system passwords are strong and regularly changed. Never share passwords.
• Disable conference facilities if not required or regularly change the access codes.
• Install a voice firewall and consider a line monitoring service that will identify any suspicious activity.

You should be aware that you are responsible for your telephone line security, and therefore liable for any calls that are charged to your account, whether or not they are the result of criminal activity. Take steps today to ensure you are doing everything you can to protect your business from costly risks of toll fraud. Your bookkeepers will be able to point you in the right direction of service providers who can help you.

Take Care When Telemarketing to Avoid Costly Fines

If you have decided to take advantage of increased confidence in the economy and boost your marketing efforts, something you may be thinking about trying is telemarketing. It is certainly a very popular initiative, but, as with all marketing, there are particular guidelines you need to adhere to. So before you get started on your campaign, have a read of this article so you can get it off the ground whilst staying within the law.

The first thing to take in is that the Information Commissioner’s office (ICO) is not shy when it comes to issuing fines, and of significant sums. Not so long ago they issued one of £90,000 and another of £225,000 for breaches of the regulations. In response to this, the following advice has helpfully been published by John Mitchison who is head of the Telephone Preference Service (TPS).

List Screening

Screening marketing lists against the TPS and CTPS (Corporate Telephone Preference) registers is the first place to start before preparing any campaigns. Under the Privacy and Electronic Communications Regulations, businesses are prohibited from making unsolicited sales and marketing calls to anyone who is registered under these services, unless express consent has been provided.

Updating Databases

Keeping databases up to date is crucial. By law, any lists to be used in a marketing campaign must be screened against the TPS register 28 days or less before any unsolicited calls are made. Buying lists from a list broker? The responsibility for screening is still yours. If the supplier states their lists have been screened, you still need to carry out due diligence.

Managing ‘Do not Call’ Lists

During the course of your marketing campaigns, you will come across requests from people you contact to remove them from your list. You are obliged to honour these requests and it is very important that you have measures in place to ensure these people are not contacted again. Not only could it lead to complaints to the regulator and possible fines, it can also damage relationships and public profile.

Training Personnel

When your personnel are well versed with the regulations and aware of their responsibilities around TPS and ‘do not call’ lists they will help keep your business safe from risk. Keep them up to date with any legislation changes and ensure new staff are trained in your procedures.

Getting things wrong with telemarketing – or any other type of marketing campaign - could prove extremely costly. If you are unsure of what you can and can’t do under the Privacy and Electronic Communications regulations, which also control email marketing, a good place to go for advice in the first instance is your bookkeepers who will be able to give you an overview and general guidance to help keep you within the law.

Are you Familiar with the Sunday Working Rules?

If you run a business that operates on Sundays, then it is important you make yourself aware of the rules surrounding Sunday working as there are various obligations you need to adhere to.

In most cases, if you include a clause in an employee’s contract stating that working on Sundays is a requirement, then they will be obliged to observe it. However, if you operate within the retail sector or betting industry, then you will be subject to a different set of rules.

Retail and Betting Sector Sunday Working

In these two sectors, workers are actually allowed to opt out of working on Sundays, regardless of whether their contracts state they are required to do so. The one exception to this rule is, if the employee is only contracted to work on Sundays and no other day, then they won’t be permitted to opt out.

If you run a business in the retail or betting industries and have staff wishing to opt out of Sunday working then they are required to provide you with three months’ notice to do so. During the notice period you can decide whether you wish for them to continue working on Sundays. This gives you time to make arrangements for alternative staff to stand in for their Sunday shifts.

Employer Obligations

As an employer, you also have obligations. Within two months of an employee starting work with you, you are required by law to notify of them of their right to opt out of Sunday working. It is wise to have a standard template letter ready to use. If you fail to provide this notification, then should an employee decide to exercise their right to opt out, they will only have to provide you with one month’s notice rather than three. So it is obviously in your best interests to make the notification.

Avoiding Discrimination Claims

If a member of staff opts out of working on Sundays, be careful not to treat them unfavourably. If they are dismissed for this reason, then it is likely you will have an unfair dismissal claim on your hands.

Sunday Working and Rates of Pay

Employees who work on Sundays are often under the misconception that they are entitled to higher rates of pay compared to standard working days. However, this is not the case unless their contract expressly states as such.

If you are in any doubt over your obligations as an employer concerning Sunday working, your bookkeepers will be able to advise you on the current regulations.