revealed that a New York phone hacking ring, with possible connections to Al Qaeda and reported links to Syracuse, has hacked dozens of small businesses' phone systems in New York, costing them hundreds of thousands of dollars. Schumer's visit is three-fold, as he will first warn Syracuse businesses of the scam and offer details related to the hacking, particularly given that the criminals have not yet been caught and are targeting New York companies. Second, he called on the telecom industry to reevaluate their current policies related to detecting and preventing these charges on small businesses' accounts, as well as accountability for victims. Finally, Schumer also urged the Federal Communications Commission (FCC) to focus on, and consider regulations related to this major issue, which is wreaking havoc on companies' budgets.
Schumer noted, as an example, that credit card companies have policies to trigger account freezing when suspicious charges occur, but many telephone companies have no such prevention systems. While the reports that these hackers have connections to Syracuse still must be confirmed, these scams puts Syracuse businesses at risk to be on the hook for the hackers' phone bills. Schumer also noted that Best Cleaners, one of the primary victims in Albany, had intended to expand its company into Syracuse, but the cost of this hacking scam has put the move on hold.
"A phone hacking ring, with possible links to Al Qaeda, is targeting New York companies and costing them hundreds of thousands of dollars: it's time for the telecom industry and the federal government to hang up on these criminals," said Schumer. "Already, dozens of New York small businesses have fallen prey to these hackers through their voicemail systems, and are often forced to cover the cost for weeks-worth of overseas calls. The telecom industry and the Federal Communications Commission must do more to detect these fraudsters, to stop or prevent the deceptive charges as quickly as possible, and to protect small business owners from the financial impact. These criminals must be held accountable, and we need all hands on deck to protect Syracuse business owners."
Schumer was joined by Onondaga County First Assistant District Attorney Rick Trunfio and the Onondaga County Sheriff's Office. He stated that in recent months, dozens of New York small businesses have fallen victim to a phone hacking operation, with reported connections to terrorists overseas. Specifically, police reports in this case indicated links to a broader phone hacking scam connected to Al Qaeda cells in Somalia and the Philippines. There have also been reports that the hackers phone lines could be run through Syracuse as a way to target New York businesses. Schumer explained that this fraud has occurred repeatedly in New York when hackers discover a loophole in the voicemail system and use this to make long-distance calls that can cost thousands of dollars. Schumer stated that when this occurs, if the telecom provider has limited fraud detection systems, the scam can occur over a series of days or even weeks, and many of these victims are left with a bill of hundreds of thousands of dollars. The problem is twofold: first, the industry does not, as a general rule, have adequate alerts and fraud prevention services to allow businesses and customers to quickly learn of suspicious purchases and stop them before charges are racked up; and second, New York's small businesses are being held responsible for the fraudulent charges.
Schumer described the scam, warned Syracuse small businesses of how to avoid falling prey to this hacking ring, and how best to respond if a company's voicemail system is hacked. Schumer highlighted that company's voicemail passwords should be complex, with at least six digits, and should always be changed from the default password provided by the voicemail vendor. Also, he noted that it's important for Syracuse businesses to change their passwords frequently and to make them as unique as possible. Often, these hackers attack voicemails at the beginning of holidays and weekends, so companies should check their recorded announcements often. Finally, Schumer noted that, when possible, companies should block international calls and disable remote notification and call forwarding features. Schumer highlighted that even if these precautions are utilized, companies may still be hacked, and business owners should call the police and phone company immediately if there's any suspicious activity on their account.
This widespread scam is targeting New York companies, and there are about 26 companies in the Capital Region known to have been impacted. One of the hardest hit was Best Cleaners, which was charged about $150,000 due to nearly 9,000 overseas calls. Schumer noted that the scam in the Capital Region has already impacted Syracuse, as the dry-cleaning owners had planned to open a store in 2013 in Syracuse. But given the costs related to this scam, those expansion plans are on hold.
In addition, Schumer predicted the unfortunate possibility that some Syracuse businesses could have already been impacted by this scam, and urged owners to consult their accounts for any suspicious activity.
Schumer therefore called on the telecom industry and the Federal Communications Commission (FCC) to immediately take steps to provide stringent fraud detection services for small business phone lines and to eliminate the charges for small businesses. Schumer stated that the credit card industry could be a model for appropriate fraud detection and customer service as it relates to such hacking. The telecom industry must establish robust fraud prevention services to allow businesses and customers to learn almost immediately when a suspicious purchase is made. In addition, Schumer stated that telecom companies should require authorization prior to a suspicious charge, similar to banks. What's more, the credit card industry has such strong protections because, by statute, credit card companies are liable for unauthorized charges over $50, if promptly reported by the victim. Schumer stated that the telecom industry should put parallel safeguards in place to protect consumers.
In addition, Schumer stated that the FCC should be alert to and focused on this massive threat to small businesses. If the industry cannot step up to the plate and implement such procedures in the near future, Schumer called on the FCC to regulate these changes to better detect voicemail fraud. The federal government must be doing everything it can to stop these unfair and deceptive practices that not only put businesses and telephone providers at risk, but also are a potential source of information for criminals and terrorists overseas. Schumer stated that this is a matter of national security, and should be taken extremely seriously by the federal government.
A copy of Schumer's letter to the telecom industry and the Federal Communications Commission appears below:
Dear US Telecom and NTCA,
I am writing today after learning of several instances of a voicemail scam praying on multiple New York small businesses. As I am sure you are aware, this fraud occurs when hackers discover a loophole in the voicemail system and use this to make long-distance calls that can cost thousands of dollars. As this scam can occur over a series of days or even weeks, many of these victims are left with a bill of hundreds of thousands of dollars. During these times, small businesses need all the available help in order for them to continue to prosper and grow.
Both your members and these small businesses have been victims of this crime. These hackers, as they mostly operate from overseas, can be very difficult for law enforcement to catch. Therefore, I am hopeful that we can work together on adequate steps to provide stringent fraud detection services for small business phone lines so that we can eliminate the charges for small businesses and for your members. I believe that the credit card industry could provide inspiration in this effort. They have established robust fraud prevention services to allow businesses and customers to learn almost immediately when a suspicious purchase is made. In addition, they can require authorization prior to a suspicious purchase.
We all have an interest in ending this fraud. Neither your members nor their customers wish to help connect potential criminals or terrorists with their allies overseas. I believe an industry-led effort to detect voicemail fraud and end these unauthorized charges would allow small businesses to continue to innovate without the fear of extremely high charges. I have copied the Federal Communications Commission to ask them to assist your members with their expertise in this matter.
I thank you for your attention to this important matter, and look forward to working with you to assist you in protecting American small businesses from unfair and deceptive practices.
U.S. Senator Charles E. Schumer
CC: Federal Communications Commission