What is Toll Fraud And The Ways To Prevent It

Toll fraud can be a serious problem for your business. Large businesses and government organizations have experienced losses in the hundreds of thousands of dollars. In this guide, we are going to talk about everything you need to know what toll fraud is, how it occurs, and the ways to prevent it from happening.

What Is Toll Fraud

Toll fraud occurs when someone gains access to your phone system to make artificially generated high-volume calls to premium international numbers. Criminals have been targeting business phone systems for years, for the purpose of committing toll fraud.

Typically the crime is committed through illegal access to an organization’s Private Branch Exchange (PBX) or phone system. So it has always been a real challenge to well manage your business phone line.

The customer is responsible for toll fraud if the calls originate from their PBX.  The long distance carrier is under no obligation to reverse the charges.  The only reason a carrier might do so is as a measure of goodwill or due to an upcoming contract negotiation.

Insurance carriers will only cover the loss if it can be proven to be the result of employee dishonesty and the company possesses that type of coverage.  It does not fall under property loss, however, because toll charges are not considered tangible property.

If a business were able to convince an insurance carrier that their loss was a tangible one, the carrier would deem the crime as an off premise theft, which would limit the amount recovered.

How Toll Fraud Can Occur In Your Business Phone System

There are a number of methods a criminal can use to access a company’s PBX. Our telecom experts mentioned some critical issues.

Direct Inward System Access (DISA)

Direct Inward System Access (DISA) is a feature that gives employees remote access to their company’s phone system.  It is used to reduce the cost of outbound calling for remote and traveling employees.  Criminals purchase access codes from unscrupulous or ex employees.

They have even video taped business people placing calls on pay phones to uncover their dial in phone numbers and access codes.  Once they have these codes, criminals resell long distance in call-sell operations.

Remote Maintenance and Testing System Ports (RMATs)

Remote Maintenance and Testing System Ports (RMATs) allow a technician to access a phone system remotely to troubleshoot or make system changes.  The port can also offer access to a company’s phone system to hackers who can then manipulate the system to permit fraudulent calling.

This frequently occurs on a Friday night so unauthorized toll calling can occur undetected all weekend.  Toll charges in the hundreds of thousands of dollars can be generated.

Voicemail or Auto Attendant

Hackers enter a phone system the same way employees access their voice messages remotely or an incoming caller accesses different extensions on a phone system.  Once they have access they attempt to crack a password and take over the functionality of the phone system.

How To Prevent Toll Fraud In Your Organization

We all know that phone systems are crucial for businesses. Toll fraud is a serious threat and businesses need to take the proper precautions to protect themselves. Our telecommunication expert covers different methods on how you can prevent phone toll fraud. Let’s dive into it without further ado.

Measures Can be Taken to Protect Your Phone System:

  • Once it’s installed, make sure you change the password to access your PBX.
  • Disable the Direct Inward System Access, if it’s not needed.  If it’s necessary, require users to use a minimum of a five-digit password.  Also, limit log on attempts to three tries and then require a password reset by a system manager.
  • Implement a voice firewall and software to block hackers and provide real-time, detailed monitoring of call traffic.  There is software available that can alert you if there is any unusual activity.
  • Protect your Remote Maintenance Access and Testing System ports.  There is equipment available that will drop all incoming calls and then call back predetermined phone numbers for access.
  • Deactivate unused voicemail boxes and prevent employees from recording extended absence greetings.  Extended absence greetings are invitations for hacking.
  • Restrict access to international calling to areas of the world your employees don’t need to call and high fraud area codes, like area code 809.  809 reaches the Dominican Republic and 60% of all toll fraud calls terminate to that area code.
  • Limit trunk-to-trunk access – the ability for incoming callers to access dial tone – either through voicemail or the auto attendant.
  • Educate traveling employees to potential hazards like “shoulder surfers”, when using public phones.  “Shoulder surfers” watch people dial in an effort to capture access codes.
  • Limit the availability to and capability of your phone system during non-work hours.
  • Purchase Employee Dishonesty Insurance.  20 to 30% of fraud calls are the result of dishonest employees.

It’s not difficult or costly to protect your PBX from hackers and criminals that want to commit toll fraud.  By implementing the above measures a company can prevent the six figure losses and business interruptions that can result from toll fraud.

It’s not difficult or costly to protect your PBX from hackers and criminals that want to commit toll fraud. By implementing the above measures a company can reduce business phone bills, and prevent the six-figure losses and business interruptions that can result from toll fraud.

If you would like to receive more information regarding CarrierBid telecom consulting services, please complete the web-form on the right side of this page.

Call us at


for immediate service or fill out the
form and we’ll be in touch right away.

  • Please describe how we can help:
    What services are you considering to drive your business higher?
    What challenges are you currently facing?