Make your passwords more secure
Password security is the most important part of fraud prevention. In general, your organization should:
- Ensure employees change the manufacturer’s default password as soon as they are assigned a voice mailbox.
- Remind employees to change their passwords on a regular basis and program your voicemail system to force them to change their passwords every 90 days.
- Program your voicemail system to require passwords with a minimum of six digits.
- Train employees not to use easily guessed passwords like their phone number/extension or simple number combinations.
- Never use the phone number as the temporary password when assigning a phone to a new employee.
- Never post or distribute your company’s voicemail passwords.
Disable or block unused features
Your voicemail system likely includes a number of features that make it easier for employees – and fraudsters – to conduct long-distance calls. Confirm if the following features are actually needed by your organization. If they’re not, ask your equipment support provider to disable them on your behalf:
- Through-dialling – This allows you to make long-distance calls from within your mailbox when you’re offsite – and is the primary enabler of toll fraud. If you decide to keep this feature, it is important to monitor through-dialling reports to ensure your mailboxes are not being abused.
- 101xxxx – This feature allows you to make calls with another long-distance carrier.
- 0-11 – This feature allows you to make overseas calls.
- 0+ – This feature allows you to make calls with operator assistance.
- Call forwarding – This feature allows you to forward calls from your business phone to another phone number.
You should also block long-distance calls from being made outside of your organization’s normal operating hours (e.g., nights, weekends, holidays). It is also recommended that you block access to any remote maintenance ports and system administration ports.