# Best Practices to Protect You from Toll Fraud Toll fraud occurs when unauthorized parties exploit vulnerabilities in your system to make expensive, long-distance calls at your expense. Preventing toll fraud is critical to protecting your business from financial loss. Below are best practices and strategies to avoid toll fraud ### Partner Responsibilities #### Strong Password Management * **Create Strong Passwords:** Ensure that the web GUI access to your device is secured by using complex passwords that incorporate a combination of uppercase and lowercase letters, numbers, and symbols * **Avoid Default Passwords:** Change the default password immediately upon installation. * **Unique Passwords:** Use different passwords for your IP phone Regular Software Updates * **Keep Firmware Updated:** Regularly check for and install firmware updates for your IP phone and PBX. * **Update Operating System:** Ensure your network equipment has the latest security patches. Network Security * **Firewall Protection:** Implement a firewall to protect your network from unauthorized access. * **Port Forwarding:** Limit port forwarding to essential services. Implementing restrictions to the service * As a safeguard against Toll Fraud, partners should request that international calling be disabled during the initial setup process Restrict International Calling * If your service is a SIP trunk, ensure that your PBX enables international call blocking. ### Hosted Network Responsibility #### User Authentication * Ensure to use more complex password for the extension (VOIP bundle or SIP Trunk service) to prevent unauthorized registration Implementing restrictions * Ensure that international calls are blocked as per the partner's instructions Monitor Fraudulent Activity * Continuously monitor traffic patterns for fraud, and provide **real-time alerts** to the partner in case of suspicious activities. * Block unauthorized calls to high-risk destinations or numbers. Following these guidelines can significantly reduce the risk of Toll Fraud. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://kb.hostednetwork.com.au/support/services/voice-over-ip-voip/technical-references/best-practices-to-protect-you-from-toll-fraud.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.