To say that Dr. Jeremy Orgel experienced “sticker shock” when he opened his February long-distance phone bill, grossly understates the matter.

Orgel, a San Francisco psychoanalyst and physiotherapist, normally spends approximately US$100 per month on long-distance calls. But here was a bill for more than US$20,000.

“The hours of collect calls that had been charged to me were astounding.”

Orgel’s service provider, AT&T Corp., said he was a victim of the “Yes-Yes” voice mail fraud. In early January, somebody cracked the doctor’s voice mail password and changed his greeting to say “yes” repeatedly. The amendment let fraudsters charge long-distance calls to his account. The February bill included 6,500 minutes of conversation out of Saudi Arabia.

Orgel isn’t alone. Other San Francisco professionals were hit by Yes-Yes. Most victims run small shops. Some saw their long-distance bills climb into the tens of thousands of dollars.

If the fraudsters were able to scam so many long-distance calls from small operations, imagine what damage these thieves might have caused an enterprise. “If a company runs its own PBX, it is a target,” said Joseph Seanor, Washington, D.C.-based security consulting manager with Avaya Inc.’s enterprise security practice.

So how can companies help protect themselves? Here are some suggestions:

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now