What to do when telecom fraud occurs

You’ve been hit with a telecom fraud attack. Now what? We asked Mark Palchick, an attorney and industry expert with a deep understanding of telecom laws and regulations.

Introduction

We are often asked the question, “My phone system has been hacked and I have a huge telephone bill. What can I do?” TransNexus offers excellent software to prevent telecom fraud, but we do not have a solution for fraud victims after an attack has occurred. This article summarizes what TransNexus learned from Mr. Palchick.

A serious financial risk for enterprises

Telecom or toll fraud is an increasingly dangerous problem in the telecommunications industry and can affect any organization which uses or sells VoIP services. Enterprises are the primary target for most fraudsters. Few enterprises realize that their telephone system is a fraud target that could cost them hundreds of thousands of dollars in fraud losses.

While many enterprises have been victims of toll fraud, few firms will discuss their losses in public. However, a few well-publicized cases indicate how large the fraud risks are for enterprises and small businesses.

| Year | Fraud Loss | Details |
| --- | --- | --- |
| 2015 | $2,000,000 | Doctor's office in Maryland. Telephone system hacked to make calls to Gambia, Ascension Island and Dominica. |
| 2014 | $166,000 | Seven-person architecture firm in Georgia. Four-line analog phone system hacked to make calls to Gambia. |
| 2013 | $600,000 | Real estate agent in Florida. Phone system hacked to make calls to Somalia, Guinea and Azerbaijan. |

What to do before telecom fraud occurs

Preventing toll fraud is much easier and less costly for an enterprise than dealing with large toll fraud losses. Palchick notes that most enterprises ignore the risks of toll fraud until they are attacked. He recommends that enterprises give telecom toll fraud the same priority as other significant business risks and take the following actions before an attack occurs.

Know what you are purchasing

You need to be intelligent when you are purchasing telephone services. First and foremost, know what you are buying. If international long distance service is not required, do not subscribe to it. International long distance calls pose a high fraud risk to enterprises. If you do not intend to subscribe to international long distance service, make sure your contract clearly states that the service is not included. If international long distance is required, implement the TransNexus telecom security checklist. Also, safeguard your phone system by deploying a fraud management system that is capable of preventing and detecting fraud before it enters your network.

Know the terms of your contract

Study the contract from your service provider and become familiar with its terms. Assume that you, the customer, are fully liable for any calls that originate from your telephone system. Most telephone service terms and conditions make it very clear that the customer is fully liable for fraudulent calls. The following clause, taken from the Comcast Business Services Customer Terms and Conditions, is a good example:

3.12 Fraudulent Use of Services. Customer is responsible for all charges attributable to Customer with respect to the Services, even if incurred as the result of fraudulent or unauthorized use of the Services.

Ask if your service provider offers telecom fraud protection for a fee

If your telephone service provider offers toll fraud loss protection, it may be the best solution for managing fraud risk. Be sure to ask for toll fraud protection. Refusal of a provider to provide toll fraud protection could be significant in the event toll fraud occurs. Also, ask your service provider to advise you on what steps you should take to minimize fraud, and ask what steps they take to minimize fraud. It could be important later. When you ask, always ask in writing.

What to do after telecom fraud occurs

Once toll fraud has occurred, it will be a challenge for the enterprise to avoid full financial responsibility for the losses. However, there are actions the enterprise can take to possibly reduce their toll fraud losses. Palchick recommends that enterprises follow the four steps below if their telephone system is hacked and they receive a huge bill from their service provider.

  1. Gather as much information/evidence as possible to understand exactly what happened.
  2. Determine if cramming has occurred. Cramming occurs when the enterprise is subscribed to services it did not order. If the enterprise can prove that cramming occurred, they may have a strong argument that they are not liable for the toll fraud losses.
  3. Prepare to negotiate for a settlement that is less than the full retail cost of the toll fraud loss. Many service providers will be satisfied if they can recover their wholesale costs related to the fraudulent traffic. Since there can be a large profit margin between international retail and wholesale rates, this could be a significant reduction in fraud loss for the enterprise.

     If no cramming occurred, it is probably not realistic or reasonable for an enterprise to expect its service provider to reduce the enterprise's toll fraud liability below the wholesale cost of the fraudulent traffic.

  4. If the service provider does not agree to reduce the enterprise’s toll fraud liability to the service provider’s wholesale cost, then the enterprise should consider filing a formal complaint with the FCC against their service provider.

Winning a formal complaint against a service provider to avoid toll fraud losses will be a major challenge, but it may motivate the service provider to negotiate a reduced settlement. Filing a formal complaint with the FCC will require advice from an attorney who is familiar with FCC rules and decisions regarding telecom fraud.

The FCC has ruled on five formal complaints regarding telecom fraud and four were clearly in favor of the service provider. However, all these decisions occurred in 2001, or before, and the world has changed dramatically with the widespread adoption of VoIP technology.

The FCC rulings on telecom fraud complaints are summarized in the following table:

| FCC Complaint | Year | Description |
| --- | --- | --- |
| Chartways Technologies, Inc. v. AT&T Communications, 6 FCC Rcd 424 | 1991 | Chartways experienced a large volume of unauthorized long distance calls to Pakistan utilizing its PBX system. The FCC ruling claimed Chartways was liable for the fraudulent charges, since they failed to provide evidence demonstrating AT&T’s negligence and did not take preventative fraud detection measures. |
| United Artists Payphone Corporation v. New Telephone Co, 8 FCC Rcd 5563 | 1993 | United Artists experienced unauthorized calls through their payphone business that was connected to a public network through lines bought from a provider. United Artists did not presubscribe their lines to a primary interexchange carrier and specified 1+ interexchange calls were only permitted to certain areas in New Jersey. The FCC ruled that United Artists was not liable for the fraudulent calls, since they took multiple steps to control potential fraud, monitor their lines and report suspected fraud occurrences. Further, United Artists was not responsible for the charges, as they were not AT&T’s customer. |
| Directel, Inc. v. American Telephone and Telegraph Co., 11 FCC Rcd 7554 | 1996 | Directel was a victim of fraudulent international calls through their Westerville and Cincinnati PBX systems. The FCC ruled that Directel was liable for the fraudulent charges, since they failed to produce affirmations that supported their claims and did not take any steps to control or restrict unauthorized access to their PBX systems. |
| Halprin v. MCI Telecommunications Corporation, 13 FCC Rcd 22568 | 1998 | Halprin sublet offices to Nextwave, who subscribed to MCI for long distance calling. An administrative error unknown to Halprin resulted in MCI becoming the presubscribed carrier for the company. When Nextwave ended their agreement with MCI, Halprin's subscription was terminated, but their service remained intact. This resulted in “non-subscriber” rate charges for calls. The FCC ruled that MCI’s tariff was not as explicit as necessary. |
| Gerri Murphy Realty, Inc. (GMRI) v. AT&T Corp., 16 FCC Rcd 19134 | 2001 | GMRI’s 800-number received a large volume of inbound calls from the New York area and a large volume of international calls to areas where suspected fraud has occurred previously. GMRI claimed that they complied with all of AT&T’s recommendations; however, the fraudulent calls continuously accumulated. AT&T, on the other hand, claimed that GMRI initially declined the blockage of specific area codes of concern. They also claimed that they took action without previous authorization, after multiple days of unapproved calls, to put an end to the toll fraud. GMRI refuted AT&T’s claim by stating the cease in toll fraud occurred only after AT&T recommended discontinuing the 800-number, with the exception of calls from Alaska and Guam. |

Article contributor

Mark Palchick is an attorney in the Washington, DC office of Womble Carlyle Sandridge & Rice. He has worked in the communications field since 1975. He is experienced in matters relating to international copyright, negotiations of program affiliation agreements, E-rate funding, pole attachment matters, interconnection agreements between carriers and other FCC regulatory matters. You can contact Mr. Palchick at MPalchick (at) wcsr.com.

