Our Message

Dear Customer

Whether it is Bell, Navigata or Allstream or any other supplier of lines, none of these telecom line resellers will take responsibility any longer for fraudulent long distance charges with customers. You may not have been a victim of this fraud yet, but we at CTT Telcom can help reduce / prevent this constant breach in security where these criminals hack into telephone systems each and every day, and run up excessive long distance charges without you even being aware.Ensure your company has taken the most secure measures to reduce/ prevent the chances of becoming a victim of fraud. Call now to discuss

technology_voice_mail_hacked_1

Note: Changing voicemail pass codes and policing every mailbox does not work. Entire access removal does.

Call us now and let us service your voicemail system to reduce / prevent fraud. We cannot think like these fraudsters, but when it presents itself we should attempt to shut down these criminals of long distance fraud. We have 3 customer that have been hit. Ask us to send you proof.

Regards

Michael Saunders

CTT Telcom Inc.

b.416.259.4828 x222

c.647.212.7803

ctt@idirect.com

www.ctt-telcom.com

AN IMPORTANT MESSAGE FROM BELL

Subject: Voicemail fraud

We have received several complaints about voicemail fraud

Several cases of fraud with respect to business voicemail equipment have been brought to our attention. These cases involve experienced criminals that illegally gain access to company voicemail systems and then place long distance calls from within those systems.

This is part of an illegal global trend

Many businesses and phone companies around the world have recently fallen victim to this fraud. Fraudsters most often call a business after hours, and then employ a variety of manual and automated techniques to try and guess at the passwords used to protect access to voicemail equipment. If these passwords have not been changed from their default settings, or if passwords are used that are easy to guess at (such as 1234 or 1111), it is fairly easy for these criminals to gain access to voicemail equipment. Once inside, long distance calls are initiated, resulting in unexpected charges.

Take steps to protect yourself

Today's sophisticated voicemail system comes with safeguards to preven this kind of exploitation.

However, like locks on your car or on your house, they have to be used properly in order to be effective. Here is what you can do to increase protection for your business:

• Ensure that your employees change the manufacturers' default password immediately upon being assigned a voicemail box, and that they are reminded to change the password frequently thereafter.

• Program your voicemail system to require passwords with a minimum of 6 characters (8 is preferred - the more complex the password, the more difficult it is to guess).

• Train your employees not to use easily-guessed passwords such as their phone numbers, the number of their phone extension, or very simple number combinations.

• When assigning a phone to a new employee, never make the temporary password the employee's telephone number.

• Program your voicemail system to force users to change their password at least every 90 days.

• There is a feature called "through-dialing" that allows you to make long distance calls from within your mailbox when you are at an offsite location. Validate if the through-dialling feature is needed, and if not ask your equipment support provider to disable it.

• If you decide to keep through-dialing enabled, then it is important that you generate and monitor through-dialing reports to ensure your mailboxes are not being abused.

• Remove all unassigned mailboxes. While these precautions are of a general nature, and might not protect every aspect of an individual telephone system, they will go a long way to reducing your vulnerability to this type of fraud.

We encourage you to contact your equipment support provider to discuss your particular configuration in
greater detail. Remember that you are responsible for paying for all calls originating from, and charged calls accepted at, your telephone, regardless of who made or accepted them.

If you have general questions about voicemail equipment protection and have a Bell maintenance contract, contact us at 1 866 350-7689. Otherwise, contact your equipment support provider.

Are you a victim?

If you suspect you have been a target of criminal activity it is your responsibility to contact the local authorities immediately. Bell will be pleased to co-operate with you and assist in a formal criminal investigation with your consent and at the request of the police or relevant local authorities.

Businesses hit by phone fraud mad at telecom companies; want political action

Article Published in The Canadian Press: February 21, 2009

Here's the link to the article: http://www.google.com/hostednews/canadianpress/article/ALeqM5hdY44u2kEwEsJ_Fj1wNR-yCAV01Q

TORONTO — Frustrated companies facing crippling bills totalling hundreds of thousands of dollars for phone calls made fraudulently through their voice-mail systems say they are getting little satisfaction trying to straighten out the costly mess.

While winning forgiveness for the bills is their top priority, they say the telecom industry must put in place safeguards to protect customers, or else Ottawa should order them to do so.

"The credit cards and the banks have certainly put in technology where things are not as easily taken as they once were - they're constantly evolving as technology progresses whereas Bell is not," said Leah May, officer manager at law firm Martin and Hillyer in Burlington, Ont.

"They're just forcing victims to pay for it, and where's the consequence to them?"

Bell Canada's 38-page bill to May's firm was for more than $207,000 worth of calls to Sierra Leone. Bell offered to halve the amount.

"That's just not good enough," May said. "We're screaming out loud that we've been victimized."

Phone companies maintain customers must ensure their phone systems are protected from what Bell calls "experienced criminals."

"Remember that you are responsible for paying for all calls originating from, and charged calls accepted at, your telephone, regardless of who made or accepted them," Bell vice-president Peter Kerr wrote to lawyer John Ford in Oakville, Ont., this month.

In Oakville, GPS Consulting Group and Insurance Agencies had its Bell-installed system hacked to the tune of $76,000 for calls to Austria - even after following advice to change voice-mail passwords.

Bell initially said it would take $60,400 but eventually agreed to accept $7,100 after threatening to cut off the lines.

That's still too much, said the firm's Gord Cowan.

"It's anguish. It's cost us thousands and thousands of dollars of time fighting this," said Cowan, who wants the legislation changed.

"These small companies, through a federally regulated company, are being brought to their knees. They'll put us out of business."

The Commissioner for Complaints for Telecommunications Services, an independent non-profit agency funded by phone companies, said Bell would not disconnect service during the dispute and resolution phase.

"The main focus of this has been southern Ontario, but I'm not persuaded it's going to stay there," said complaints commissioner Howard Maker.

Maker said each case requires investigating such issues as the equipment involved, training, the long-distance carrier, the security measures, and the contractual relationships.

"There are levels of complexities and differences in each of these cases," Maker said, adding phone companies also feel victimized but are reconsidering how they deal with such complaints.

Phone "phreaking" occurs when criminals gain access to a voice-mail system by cracking the password and using the hijacked phone line for calls to countries such as Sierra Leone, Zimbabwe or Liechtenstein.

Kelly Wilson, owner of a Hamilton-area accounting business that was hit with $7,200 in long-distance charges, said she has been stymied in finding answers.

On one occasion in December, 84 calls totalling more than 18 hours were made in a two-hour span. According to the bill, multiple calls were made to the same number at the same time.

"How is this possible?" said Kelly, whose bank account was debited by Bell despite promises the charges would not be put through.

Her new bill this past week showed Bell had reversed $1,400, still leaving her with $5,800 in bad charges.

A Winnipeg business, HUB Computer Solutions, is still battling its $52,000 January bill from Manitoba Telecom Services for hundreds of calls to Bulgaria.

"I just wish it would just go away," said HUB's Alan Davison, who said there is no insurance against this potentially bankrupting fraud.

Caroline Chassels, who runs a small computer company in Toronto, said Bell offered to take $50,000 off their $150,000 bill for calls to Sierra Leone last fall.

"The argument that paying a $100,000 phone bill would put our company at risk of bankruptcy did nothing to sway the Bell executives from their insistence that we are responsible for protecting our phone lines," Chassels said.

"At the crux of the problem is Bell's infrastructure that enables hackers to turn four lines into 200 lines that are billed for continuous phone calls."

90# Telephone Scam

SUMMARY: Forwarded email warns telephone customers not to comply with instructions from persons claiming to be phone company service technicians to 'test the line' by dialing 90# or #90.(Examples of these emails can be seen here http://www.snopes.com/fraud/telephone/jailcall.asp)

What the warning letter floating around the Net doesn't say is that this scam only works on telephones where you have to dial 9 to get an outside line. Unless you have to dial 9 to get an outside line at home, this scam does not affect residential telephone users. Dialing "nine-zero-pound" on a residential phone will only give you a busy signal. That's it.

On some business phones, however, dialing "nine-zero-pound" may transfer a call to an outside operator and give the caller the opportunity to call anywhere in the world and charge it to your business' phone bill ... maybe. It all depends on how your business' telephone system is set up. If your company doesn't require you to dial 9 to get an outside line (for example, if you have a direct outside telephone line on your desk or if your company's phone system requires you to dial a number other than 9 to get an outside line) the "nine-zero-pound" scam does not affect you. Also, if your company's phone system is set up so that you cannot make a long distance call once you have accessed an outside line (a lot of companies now limit all outside lines to local calls only), the "nine-zero-pound" scam does not affect you either.

The "nine-zero-pound" story only affects those businesses that require you to dial 9 to get an outside line and then place no restrictions on who or where you can call once you get that outside line. And, just to be anal-retentive, let me say one more time that, unless you have to dial 9 to get an outside line at home, this scam does not affect residential telephone users. [It also probably doesn't affect non-U.S. telephone users. This is especially true for British telephone users whose telephone system is so complex that NO ONE in the UK knows how to use BT's phones (although I am sure that BT users are currently dealing with some sort of "dial q-seven-pi-cromwell-eleventeen-tomato" scam)].

— Patrick Crispen (From the The Internet TourBus)

* First name (required):

* Last name (required):
* E-mail address (required):

Phone number:
* Message (required):