Bell Canada has taken out full-page newspaper ads warning customers they are responsible for costly long-distance calls made through their voicemail systems, even if they were done so fraudulently.
30/01/2009 1:58:05 PM
CTV.ca News Staff
The warnings come too late for Burlington, Ont. law firm Martin & Hillyer, a company that received a $207,000 phone bill for calls made to Sierra Leone.
The calls were likely made by criminals who called into the system after hours, and hacked passwords used to protect the voicemail equipment.
In the ad, Bell says it has received several complaints about a voicemail fraud scam whereby "experienced criminals...illegally gain access to company voicemail systems and then place long distance calls from within those systems."
Often the voicemail passwords have never been changed from the original programmed default, they are the same as the phone number or extension, or they are easily guessed, such as 1234.
When they appear on the company's phone bill, it appears as though the calls were made directly from the office or home number.
The Bell ad says its systems come with adequate security devices, but "like locks on your car or on your house, they have to be used properly in order to be effective."
Bell offered a number of tips for companies to ensure their phone systems are not compromised. But Bell also says companies will have to pay for those calls made when the systems are hacked.
"Remember that you are responsible for paying for all calls originating from, and charged calls accepted at, your telephone, regardless of who made them or who accepted them," the ad states.
Following is a list of steps Bell says companies can take to protect their voicemail systems.
Ensure employees change default password immediately after being assigned a voicemail box.
Program systems to require passwords of six or eight characters.
Avoid easily-guessed passwords.
Require users to change their password every 90 days, as a minimum.
Disable the offsite "through-dialling" option if it isn't necessary.
Remove all unassigned mailboxes.
"While these precautions are of a general nature, and might not protect every aspect of an individual telephone system, they will go a long way to reducing your vulnerability to this type of fraud," the ad states.
30/01/2009 1:58:05 PM
CTV.ca News Staff
The warnings come too late for Burlington, Ont. law firm Martin & Hillyer, a company that received a $207,000 phone bill for calls made to Sierra Leone.
The calls were likely made by criminals who called into the system after hours, and hacked passwords used to protect the voicemail equipment.
In the ad, Bell says it has received several complaints about a voicemail fraud scam whereby "experienced criminals...illegally gain access to company voicemail systems and then place long distance calls from within those systems."
Often the voicemail passwords have never been changed from the original programmed default, they are the same as the phone number or extension, or they are easily guessed, such as 1234.
When they appear on the company's phone bill, it appears as though the calls were made directly from the office or home number.
The Bell ad says its systems come with adequate security devices, but "like locks on your car or on your house, they have to be used properly in order to be effective."
Bell offered a number of tips for companies to ensure their phone systems are not compromised. But Bell also says companies will have to pay for those calls made when the systems are hacked.
"Remember that you are responsible for paying for all calls originating from, and charged calls accepted at, your telephone, regardless of who made them or who accepted them," the ad states.
Following is a list of steps Bell says companies can take to protect their voicemail systems.
Ensure employees change default password immediately after being assigned a voicemail box.
Program systems to require passwords of six or eight characters.
Avoid easily-guessed passwords.
Require users to change their password every 90 days, as a minimum.
Disable the offsite "through-dialling" option if it isn't necessary.
Remove all unassigned mailboxes.
"While these precautions are of a general nature, and might not protect every aspect of an individual telephone system, they will go a long way to reducing your vulnerability to this type of fraud," the ad states.
