Hackers 'costing firms millions' in telephone fraud

Businesses are facing "a plague" of telephone hackers, who can run up bills of thousands of pounds in a few weeks by exploiting flaws in modern switchboard systems.

A large British company based in London incurred a pounds 500,000 bill when hackers used a dozen of its phone lines during the night, for two months, to make calls to the US, Africa, India, Pakistan and Russia.

One hospital saw its phone bill rocket by pounds 50,000 in a single week when phone hackers calling from outside found a weakness in its switchboard, and used it to make calls to China.

The Independent has found that phone fraud, which exploits combinations of flaws in freephone numbers, voicemail systems and modern automatic switchboards, has been growing rapidly since the end of 1993, when the telecommunications watchdog Oftel first allowed the sale of switchboards which can forward external calls to outside lines. Phone hackers can exploit this to call via the switchboard to other numbers. Industry estimates reckon phone hacking is now costing companies millions of pounds every year.

But victims of fraud contacted by the Independent are reluctant to be named because they say it could ruin their companies' credibility. Some companies are understood to be reluctant to pursue court cases even after identifying hackers because they fear negative publicity. Many are angry that they were not warned by the manufacturers of the switchboards about the potential for hacking.

"We think consumers are super-sensitive to the idea of hackers, and as a software company we don't want our name associated with it," said an executive at the British subsidiary of an American software company. A lone hacker cost his company pounds 1,000 in one week last December.

The computer manager of an oil company, where hackers ran up a pounds 40,000 bill in a couple of weeks, said: "I think people in industry aren't aware that modern voicemail and switchboard systems really are computers, and so are vulnerable to hacking. We didn't know what was going on."

But John Chatterton, an independent consultant who has advised a number of companies on how to stop phone fraud, said: "Nobody tells the truth about this because it's too embarrassing to admit. I have been trying to get companies to take these cases to court but they are reluctant to be named publicly."

The managers at the software company and the oil company say they were not warned about the possibility of hackers abusing their system by the makers of the switchboards. "We didn't understand what was happening," said the executive of the software company. "We came in one morning and were getting no calls at all on our direct sales line. Then we found the hacker had reconfigured it to call the United States."