What to do when telecom fraud occurs
You've been hit with a telecom fraud attack. Now what? We asked Mark Palchick, an attorney and industry expert with a deep understanding of telecom laws and regulations.
We are often asked the question, “My phone system has been hacked and I have a huge telephone bill. What can I do?” TransNexus offers excellent software to prevent telecom fraud, but we do not have a solution for fraud victims after an attack has occurred. This article summarizes what TransNexus learned from Mr. Palchick.
A serious financial risk for enterprises
Telecom or toll fraud is an increasingly dangerous problem in the telecommunications industry and can affect any organization which uses or sells VoIP services. Enterprises are the primary target for most fraudsters. Few enterprises realize that their telephone system is a fraud target that could cost them hundreds of thousands of dollars in fraud losses.
While many enterprises have been victims of toll fraud, few firms will discuss their losses in public. However, a few well-publicized cases indicate how large the fraud risks are for enterprises and small businesses.
| Year | Loss | Victim and details |
|---|---|---|
| 2015 | $2,000,000 | Doctor's office in Maryland. Telephone system hacked to make calls to Gambia, Ascension Island and Dominica. |
| 2014 | $166,000 | Seven-person architecture firm in Georgia. Four-line analog phone system hacked to make calls to Gambia. |
| 2013 | $600,000 | Real estate agent in Florida. Phone system hacked to make calls to Somalia, Guinea and Azerbaijan. |
What to do before telecom fraud occurs
Preventing toll fraud is much easier and less costly for an enterprise than dealing with large toll fraud losses. Palchick notes that most enterprises ignore the risks of toll fraud until they are attacked. He recommends that enterprises give telecom toll fraud the same priority as other significant business risks and take the following actions before an attack occurs.
Know what you are purchasing
You need to be intelligent when you are purchasing telephone services. First and foremost, know what you are buying. If international long distance service is not required, do not subscribe to it. International long distance calls pose a high fraud risk to enterprises. If you do not intend to subscribe to international long distance service, make sure your contract clearly states that the service is not included. If international long distance is required, implement the TransNexus telecom security checklist. Also, safeguard your phone system by deploying a fraud management system that is capable of preventing and detecting fraud before it enters your network.
Know the terms of your contract
Study the contract from your service provider and become familiar with its terms. Assume that you, the customer, are fully liable for any calls that originate from your telephone system. Most telephone service terms and conditions make it very clear that the customer is fully liable for fraudulent calls. The following clause, taken from the Comcast Business Services Customer Terms and Conditions, is a good example:
3.12 Fraudulent Use of Services. Customer is responsible for all charges attributable to Customer with respect to the Services, even if incurred as the result of fraudulent or unauthorized use of the Services.
Ask if your service provider offers telecom fraud protection for a fee
If your telephone service provider offers toll fraud loss protection, it may be the best solution for managing fraud risk. Be sure to ask for toll fraud protection. A provider's refusal to provide toll fraud protection could be significant in the event toll fraud occurs. Ask your service provider which steps you should take to minimize fraud, and which steps they take to minimize fraud. It could be important later. When you ask, always ask in writing.
What to do after telecom fraud occurs
Once toll fraud has occurred, it will be a challenge for the enterprise to avoid full financial responsibility for the losses. However, there are actions the enterprise can take to possibly reduce their toll fraud losses. Palchick recommends that enterprises follow the four steps below if their telephone system is hacked and they receive a huge bill from their service provider.
- Gather as much information/evidence as possible to understand exactly what happened.
- Determine if cramming has occurred. Cramming occurs when the enterprise is subscribed to services it did not order. If the enterprise can prove that cramming occurred, it may have a strong argument that it is not liable for the toll fraud losses.
- Prepare to negotiate for a settlement that is less than the full retail cost of the toll fraud loss.
- If the service provider does not agree to reduce the enterprise’s toll fraud liability to the service provider’s wholesale cost, then the enterprise should consider filing a formal complaint with the FCC against their service provider.
Many service providers will be satisfied if they can recover their wholesale costs related to the fraudulent traffic. Since there can be a large profit margin between international retail and wholesale rates, this could be a significant reduction in fraud loss for the enterprise.
If no cramming occurred, it is probably not realistic or reasonable for an enterprise to expect its service provider to reduce the enterprise's toll fraud liability below the wholesale cost of the fraudulent traffic.
Winning a formal complaint against a service provider to avoid toll fraud losses will be a major challenge, but it may motivate the service provider to negotiate a reduced settlement. Filing a formal complaint with the FCC will require advice from an attorney who is familiar with FCC rules and decisions regarding telecom fraud.
The FCC has ruled on five formal complaints regarding telecom fraud and four were clearly in favor of the service provider. However, all these decisions occurred in 2001, or before, and the world has changed dramatically with the widespread adoption of VoIP technology.
The FCC rulings on telecom fraud complaints are summarized in the following table:

| Case | Year | Summary |
|---|---|---|
| Chartways Technologies, Inc. v. AT&T Communications, 6 FCC Rcd 424 | 1991 | Chartways experienced a large volume of unauthorized long distance calls to Pakistan utilizing its PBX system. The FCC ruled that Chartways was liable for the fraudulent charges, since it failed to provide evidence demonstrating AT&T’s negligence and did not take preventative fraud detection measures. |
| United Artists Payphone Corporation v. New Telephone Co, 8 FCC Rcd 5563 | 1993 | United Artists experienced unauthorized calls through its payphone business, which was connected to a public network through lines bought from a provider. United Artists did not presubscribe its lines to a primary interexchange carrier and specified that 1+ interexchange calls were only permitted to certain areas in New Jersey. The FCC ruled that United Artists was not liable for the fraudulent calls, since it took multiple steps to control potential fraud, monitor its lines and report suspected fraud occurrences. Further, United Artists was not responsible for the charges, as it was not AT&T’s customer. |
| Directel, Inc. v. American Telephone and Telegraph Co., 11 FCC Rcd 7554 | 1996 | Directel was a victim of fraudulent international calls through its Westerville and Cincinnati PBX systems. The FCC ruled that Directel was liable for the fraudulent charges, since it failed to produce affirmations that supported its claims and did not take any steps to control or restrict unauthorized access to its PBX systems. |
| Halprin v. MCI Telecommunications Corporation, 13 FCC Rcd 22568 | 1998 | Halprin sublet offices to Nextwave, which subscribed to MCI for long distance calling. An administrative error unknown to Halprin resulted in MCI becoming the presubscribed carrier for the company. When Nextwave ended its agreement with MCI, Halprin's subscription was terminated, but its service remained intact. This resulted in “non-subscriber” rate charges for calls. The FCC ruled that MCI’s tariff was not as explicit as necessary. |
| Gerri Murphy Realty, Inc. (GMRI) v. AT&T Corp., 16 FCC Rcd 19134 | 2001 | GMRI’s 800-number received a large volume of inbound calls from the New York area and a large volume of international calls to areas where suspected fraud had occurred previously. GMRI claimed that it complied with all of AT&T’s recommendations, yet the fraudulent calls continued to accumulate. AT&T, on the other hand, claimed that GMRI initially declined the blockage of specific area codes of concern. AT&T also claimed that it took action without previous authorization, after multiple days of unapproved calls, to put an end to the toll fraud. GMRI refuted AT&T’s claim by stating that the toll fraud ceased only after AT&T recommended discontinuing the 800-number, with the exception of calls from Alaska and Guam. |
Mark Palchick is an attorney in the Washington, DC office of Womble Carlyle Sandridge & Rice. He has worked in the communications field since 1975. He is experienced in matters relating to international copyright, negotiations of program affiliation agreements, E-rate funding, pole attachment matters, interconnection agreements between carriers and other FCC regulatory matters. You can contact Mr. Palchick at MPalchick@wcsr.com.