A New Zealand businessman woke up to find a $26,000 phone bill on his account, with his phone provider wanting him to pay the entire sum.
Alan Bray, a Tauranga resident, doesn't make international calls, but was told the charges racked up in just two days. This was reported on 30 June by New Zealand news agency 3 News, who subsequently investigated the case further.
Hackers are now using automatic dialling software from overseas locations to target phone lines. The software searches thousands of lines per minute until it locates a PABX phone without security in place on the voicemail port, according to 3 News.
The attackers are then able to reroute their customer calls through the overseas line for several days, at which point the connection is cut and the next victim is targeted. As international numbers were routed through the line, the bills can be enormous.
"It's being done as a form of fraud, so it's generating a large bill that someone in that chain is siphoning off," "Chris O'Connell, acting chief executive of the Telecommunications Users Association of New Zealand, told 3 News.
General manager of Intagr8, the phone provider whom Mr Bray uses,claimed that this wasn't the first instance of such an attack occurring. He explained that over the past six months, 20 attacks have occurred.
"It's stepped up a lot in the last year or so."
Intagr8 eventually lowered the required sum to be paid by Mr Bray to $6000, and then finally let the entire amount slide.
The attack should serve as a reminder for companies to guarantee mobile application security, especially when it comes to other forms of attack such as overseas attackers using voicemail. As evidenced here, the financial impacts can be damaging.