Hacking is not just limited to computers and data networks.  While credit card theft and breaking into Pentagon computers gets all the attention, telephone systems are targets as well.

Why would someone spend their time and energy hacking into a telephone system you ask?  What is in it for them?

Well, it can be big business.  The world wide cost of telephone hacking or phone Phreaking, as it is known, is estimated to be upwards of 80 billion dollars per year.  It is attracting the attention of organized crime and is very sophisticated.  Once hackers gain entry to a telephone system they can program it to allow outside users to make calls through the system and avoid long distance phone charges.  This availability can then be sold to many other users who rack up large phone bills for the victim.

Another scam is to program the telephone system to call “1-800” numbers that actually carry very high call rates.  Sometimes the rates are as high as several thousand dollars per minute.  These companies are usually in countries that do not regulate telephone carrier rates and are outside the jurisdiction of the United States.

Like credit card theft, AT&T and other carriers used to absorb these charges as a cost of doing business, but lately they have changed their policies.  If your telephone system made the call, then then you are responsible for the charges.

So, the lesson is to be vigilant and be aware or you normal billing patterns.  If you notice a significant change in your monthly bill, dig deeper.  There are call accounting programs that you can install on most PBX telephone systems that will alert you to abnormal activity: calls over a certain amount and calls to certain countries, for example.

Remember always have users change their passwords from the system default setting.  Criminals are opportunistic and go after low hanging fruit.  They are looking for easy access and will often move on to the next target if they are blocked.