Fidelity National Financial - Fraud Insights

Last month we shared information regarding "COSTLY area codes" and the "One Ring" scam where the crooks call your cell phone and only allow it to ring once, and then hang up in hopes you will call back. If you call back you are charged international dialing rates.

This month we are providing information on "TOLL fraud" which was originally reported in the June 2014 edition. Toll fraud is rampant and causing hundreds of thousands of dollars in losses to our Company, as a result we are providing more information on the root cause and tips on how to prevent the thieves from running up your office phone bills.

The thieves target companies typically closed on nights and weekends. They call the company and then access each employee's voice mail. They program the employee's direct line to dial a number outside the U.S. — charging the business each time the number is called. Hundreds and even thousands of calls are made. One of our branch offices just experienced this type of fraud and received an exorbitant bill from the telephone company.

In general, toll fraud occurrences can happen in a variety of business sectors, including in FNF's vertical. Even though our users receive training to defend against such tactics, some FNF offices have experienced an occurrence of toll fraud. FNF's Carrier Services Department usually discovers this during their review of the phone bills. In the past few years, the dollar amounts have ranged from small, negligible amounts to larger, more substantial sums; the most recent incident resulted in one of those highly significant amounts.

FNF is fully responsible for all charges relating to toll fraud. While the majority of the telephone services are under a corporate contract, there are some local offices that have signed their own contracts, they have provisions in the contract stating any toll fraud is the sole responsibility of the Company as it stems from their local phone system not being secured.

Typically, the toll fraud happens by the hacker accessing the local voicemail system. Most of these systems were originally setup to allow "pass through dialing," which was put into place for people who were traveling and needed to make Company calls. This allowed a person to dial into the voicemail and receive dial tone to dial another number. Hackers find these holes and sell the telephone numbers hundreds of times using the Internet.

How did the scammers get access? Some offices have older phone equipment and the phones either do not have a passcode set to access voicemail or the passcode set is a generic number. Unfortunately, getting out of paying the fraudulent phone charges is not always easy. Some phone companies will hold customers responsible for all or a portion of the charges and note the customer's equipment was not secure — therefore putting the onus on the victim.

One of our title agents in Indiana recently fell victim to this crime. In one weekend, the fraudsters racked up a litany of long distance charges on the agent's phone bill. Another business (not a title agency) in the same city, had charges over the weekend in excess of half a million dollars.

The scammers made thousands of overseas calls to phone numbers with a set charge to the business each time the number was called — in this particular case the charge was $34.83 per call. The scammers were paid a percentage from each call.

When toll fraud happens the FNF office is informed they are 100% responsible for the charges. Our Company works with the Carrier Services Department to see if any portion of the amount can be written off. Success rate in getting some of the charges written off is 50%, the remaining amounts are negotiated into a payment plan that eases the burden for the local office.

Once we discover that we have fallen victim, we send the following out to the local Information Technology (IT) person and office, and ask that they have their telecom vendor come on–site and perform the following steps:

Reset all voicemail passwords

Ensure they cannot be changed to 123456 or the same as the extension

Disable any and all remote access
Disable all international dialing (except for those that require it) including Canada and Mexico

Our corporate phone system has over 8,000 end users and 400 local offices secured against toll fraud in a few different ways:

Not allowing the pass through dialing of voicemail or the phone system, only being able to forward your phone to another phone on the system.
Having calls transferred "mirrored" to a cell phone, which is secured by active directory.
International dialing is turned off by default and all the known international toll fraud sites are blocked (Dominican Republic, Gabon, Gambia, Congo, Qatar, etc.). If calling one of these locations is required, a Carrier Services Department representative will input the specific number and only that number can be dialed.