Management Information Sheet

Norfolk and Suffolk Constabularies, are seeing a rise in Private Branch Exchange (PBX) fraud across both counties. The victims are often small to medium-sized businesses but we are noticing schools being targeted and common flaws in security being exploited. It occurs when the school is most vulnerable during times of closure and the predictable nature of school closure, makes them a target. There are a number of simple steps however, to significantly reduce your risk.

• Use strong pin/passwords for your voicemail system, ensuring they are changed regularly.
• If you still have your voicemail on a default pin/password change it immediately.
• Disable access to your voice mail system from outside lines. If this is business critical ensure the access is restricted to essential users and they regularly update their pin/passwords
• If you do not need to call international numbers/premium rate numbers, ask your telecoms provider to place a restriction on your telephone line.
• Consider asking your network provider to not permit outbound calls at certain times e.g. when your business is closed
• Ensure you regularly review available call logging and call reporting options.
• Regularly monitor for increased or suspect call traffic.
• Secure your exchange and communications system, use a strong PBX firewall and if you don't need the function, close it down!
• Speak to your maintenance provider to understand the threats and ask them to correct any identified security defects

For further information, please find attached pdf from the National Fraud Intelligence Bureau (NFIB).