PBX DISA Toll Fraud

Long Distance

Facts

 

Last update:

09/17/2004

  Long Distance
Compare Rates FAQ Opportunities
 

Home
Up

 

DISA

Direct Inward System Access

Toll Fraud Via DISA

 

Many businesses PBX and Key Systems have a feature called DISA, Direct Inward System Access .  The idea behind this feature is to allow authorized users to dial into a special number on your telephone system and then either dial extension numbers directly or utilize the company's less expensive long distance trunks and services.

 

If you are using DISA

 STOP IT!

 

This is a tremendous security risk that could cost your company thousands.  As far as your long distance provider is concerned, you are responsible for all calls originating from your PBX or Key System even it the call is fraudulent. 

 

In a perfect world this is how it works:

An outside representative needs to call a customer that is a long distance call for him.  Rather than using the long distances services of the telephone he is using, he dials into your PBX, enters a security code then dials 9 and the number.  The call then goes out your long distance carrier and the representative does not have to expenses back the call.

 

But in the real world it really works like this:

Someone finds or acquires your DISA number either by shoulder surfing, finding documents careless left around or by one of several software programs designed to find such things.   An working account code is discovered using the same methods.  Once a valid number is found, the caller has nearly unlimited access to your long distance services.

 

Often this information is used to set up "call centers" that will use your system to allow people to make calls to whatever county they like.  The numbers can add up to thousands of dollars in a very short period of time and you are responsible for the billing.

 

Over the years the I have been servicing telephones systems, I have seen at least one case personally and heard of many others where a service technician set up a DISA number and account code and turned the customers telephone system into his own personal long distance service.

 

Here is my recommendation for PBX and key system owners.

bulletIf you are using DISA - switch to prepaid calling cards.  The price of calling cards has dropped to the point that any potential saving is no where near the risk.   The risk is limited to the cost of the card.
bulletHave your service provider PROVE that DISA is not active.  That means your technician will  show you on the programming terminal that either the feature is not available or that has not been programmed for any reason.  This should be verified at least once a year.
bulletIf your system allows a trunk to be connected to another trunk without internal supervision, look carefully as to why you need this feature.  There may be valid reason to forward external calls offsite but you should also evaluate your options.   If you find you can do without that feature, not only disable it, but work with your technician to have them prove to you that it is disabled.

 

Remember this:  even though you may not be aware of a feature that compromises your service, you are still responsible for even the fraudulent calls.

For Information on calling cards click here

 

  

 

 Copyright © 2003 Long Distance Facts
 Home Up Next