|
|
Numerous reports of call charges fraud by hackers concerning PBX systems have recently been reported in the press. Such manipulations can be carried out in various ways. On the one hand. it may be that existing features of a PBX system can be abused for this purpose. For example, call redirections or dial-in options which can be remotely programmed are suitable for this. On the other hand, rights can be granted in such a way that incoming "exchange lines" occupy outgoing "exchange lines". As a result, when a certain number is dialled from outside, the caller can be directly connected with the "exchange". However, this takes place at the expense of the PBX system provider.
Another type of call-charges fraud can be caused by the user himself. By various means, e.g. making telephone calls from other people's telephone sets, reading out other people's identifiers (passwords) or modifying personal privileges, an attempt can be made to make calls at the expense of the employer or of other staff members.
| © Copyright
by Bundesamt für Sicherheit in der Informationstechnik |