Introducing Britannic Branded Calls and Messages!

Find Out More!
  • Britannic Blog
  • How Toll Fraud Can Drain Your Business & How to Stop It

How Toll Fraud Can Drain Your Business & How to Stop It

Molly Edwards
fraudster on ipad

*Updated 27 February 2025*

You power down your workstation, exchange holiday wishes with colleagues, and step out of the office, ready for some well-earned rest. As you settle into your armchair at home, work becomes a distant thought. 

But while you’re unwinding, cybercriminals are just getting started. Behind the scenes, hackers are probing your business’s phone system, searching for vulnerabilities. Their goal? To hijack your communications network and rack up astronomical charges to premium-rate, mobile, and international numbers—all at your expense. 

It might sound like something out of a tech-thriller, but for thousands of businesses every year, this nightmare is a costly reality. Many only discover the fraud when an eye-watering bill lands in their inbox, leaving them to foot the hefty charges. 

The good news? While toll fraud is a significant threat, you can take proactive measures to protect your business. 

 

What is Toll Fraud? 

Toll fraud is a cybercrime in which hackers gain unauthorised access to your telecommunication system—often through a VoIP (Voice over IP) or PBX (Private Branch Exchange) system—to make fraudulent calls. 

The scale of the problem? Businesses in the UK alone lose over £1.3 billion annually to toll fraud. Globally, losses reach billions of pounds. 

 

How Toll Fraud Happens 

Most attacks occur outside regular business hours—late at night, over weekends, and during holidays when no one is monitoring the system. 

Cybercriminals exploit weak security settings, default passwords, or open connections, allowing them to: 

  • Route a high volume of calls through your system. 
  • Generate thousands of pounds in charges per trunk line, per day. 
  • Conceal their activity until it’s too late. 

Since these calls appear legitimate to telecom providers, businesses are often held financially responsible for the fraud. 

 

How to Protect Your Business from Toll Fraud 

1. Conduct a Fraud Risk Assessment

A Fraud Risk Assessment evaluates your current security measures and highlights areas that need strengthening. This can include: 

  • Reviewing system administration passwords. 
  • Performing random voicemail password checks. 
  • Updating barring policies for international and premium-rate calls. 
  • Removing unused extensions or inactive mailboxes. 
  • Implementing additional security programming. 

2. Strengthen System Security

If your business uses SIP (Session Initiation Protocol) devices—such as softphones, mobile clients, or VoIP desk phones—take these security steps: 

  • Use Strong Passwords - Avoid simple or default passwords like extension numbers. Implement complex passwords for all SIP devices. 
  • Enable Secure SIP Authentication - Use SIP Digest Authentication or another security mechanism to verify all SIP devices before allowing connections. 
  • Restrict SIP Access - Never expose SIP phones (softphones or hardphones) to the internet without encryption or VPN protection. 
  • Update Voicemail Security - Ensure all users change default voicemail passwords to at least six digits and require frequent updates. 
  • Disable Unused Extensions & Mailboxes - Remove inactive accounts that could be exploited by hackers. 

3. Monitor & Restrict Call Traffic

Implement real-time monitoring and restrictions to detect unusual activity before damage occurs: 

  • Set Up Call Monitoring & Alerts – Get notified of high-volume calls, out-of-hours activity, or unexpected international calls. 
  • Restrict Call Permissions – If international or premium-rate numbers are not necessary for your business, block or limit access. 
  • Partner with Your Telecom Provider – Enable fraud detection services and establish spending caps to prevent excessive charges. 

4. Keep Your Systems Updated

Cybercriminals exploit vulnerabilities in outdated software and firmware. Ensure: 

  • VoIP/PBX systems are regularly patched 
  • Firewall settings are configured for telephony security 
  • Unused ports and external access points are closed 

 

The Cost of Inaction 

Failing to secure your telecom systems doesn’t just mean a massive financial loss—it can also damage your company’s reputation, disrupt operations, and expose sensitive data. 

The last thing you want after a relaxing holiday is to return to a fraudulent bill or a compromised phone system. 

 

Stay Protected - Get Expert Help 

At Britannic, we specialise in helping businesses secure their communications networks against toll fraud. Our Fraud Prevention Assessment can identify vulnerabilities and provide tailored solutions to keep your business safe. 

Get in touch today to fortify your phone systems and enjoy a fraud-free future.