DISA Toll Fraud
Exploitation of Direct Inward System Access features in business phone systems to place external calls through the company's lines at its expense.
Also known as: DISA exploit, direct inward system access fraud, PBX DISA abuse
Last reviewed: 10 June 2026
Direct Inward System Access (DISA) is a legitimate PBX feature that lets authorised users dial into the business phone system from outside, authenticate (typically by entering an access code or PIN at a prompt), and then receive internal dial tone so they can place outbound calls as if they were on-site. When DISA is enabled without adequate PIN protection or brute-force limits, attackers can call the DISA access number, guess the code (short, default or sequential codes fall quickly to automated dialling), and use the business's outbound trunks to place international or premium-rate calls at the business's expense.
DISA fraud was among the earliest forms of telephone toll fraud and remains relevant because many businesses enable DISA for convenience without reviewing its security configuration. A single compromised DISA system can generate thousands of dollars in international call charges overnight, particularly when calls are routed to revenue-share numbers, where the fraudster receives a cut of the termination charges for every minute of traffic they generate (the pattern known as international revenue share fraud).
Businesses should disable DISA if it is not actively used. If it is required: use long, non-sequential access codes that differ from extension numbers and are changed when staff leave; lock the access code after a small number of incorrect attempts rather than allowing unlimited guesses; restrict the outbound destinations reachable through DISA (for example, block international and premium-rate prefixes unless a documented business need exists); and monitor call-detail records (CDRs) for bursts of failed DISA authentications and for off-hours calls to unusual destinations, since most fraudulent traffic is placed at night and at weekends when nobody is watching the phones.
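The CDR monitoring described above can be automated. The following is an added example, not part of the original entry or of any particular PBX vendor's tooling. It assumes a hypothetical, simplified CSV CDR layout (timestamp, access_type, auth_result, caller_id, dialed, duration_s); real PBX CDR formats are vendor-specific and would need their own parser. The sample records are constructed to show the two signals a practitioner would alert on: a short run of failed DISA PIN attempts from one caller, followed by long off-hours calls to an international destination once the code is guessed. The business-hours window and the international prefix list are assumptions to be tuned per site.

```python
"""Detect DISA abuse in PBX call-detail records (added example, constructed data)."""
import csv
import io
from collections import defaultdict
from datetime import datetime

# Constructed sample CDRs in a hypothetical simplified CSV layout.
# Rows 1-5: five failed DISA PIN attempts from +15550001111 in 24 seconds.
# Rows 6-7: the same caller succeeds, then places long night-time international calls.
# Row 8: a legitimate daytime domestic DISA call from a different number.
SAMPLE_CDRS = """\
timestamp,access_type,auth_result,caller_id,dialed,duration_s
2026-06-09T02:14:03,DISA,FAIL,+15550001111,,0
2026-06-09T02:14:09,DISA,FAIL,+15550001111,,0
2026-06-09T02:14:15,DISA,FAIL,+15550001111,,0
2026-06-09T02:14:21,DISA,FAIL,+15550001111,,0
2026-06-09T02:14:27,DISA,FAIL,+15550001111,,0
2026-06-09T02:14:33,DISA,OK,+15550001111,011371123456789,1840
2026-06-09T02:47:10,DISA,OK,+15550001111,011371123456790,2210
2026-06-09T10:05:44,DISA,OK,+15550002222,12025550123,95
"""

BUSINESS_HOURS = range(8, 18)                  # 08:00-17:59 PBX local time (assumption)
FAIL_THRESHOLD = 5                             # failed PINs per caller before alerting
FAIL_WINDOW_S = 300                            # ... within this many seconds
INTERNATIONAL_PREFIXES = ("011", "00", "+")    # NANP and ITU international prefixes (assumption)


def parse_cdrs(text):
    """Parse the constructed CSV layout into dicts with typed timestamp and duration."""
    rows = list(csv.DictReader(io.StringIO(text)))
    for r in rows:
        r["ts"] = datetime.fromisoformat(r["timestamp"])
        r["duration_s"] = int(r["duration_s"])
    return rows


def is_international(dialed):
    return dialed.startswith(INTERNATIONAL_PREFIXES)


def is_off_hours(ts):
    """Outside business hours or on a weekend (Monday=0 ... Sunday=6)."""
    return ts.hour not in BUSINESS_HOURS or ts.weekday() >= 5


def detect_pin_bruteforce(rows):
    """Alert on callers with FAIL_THRESHOLD failed DISA logins inside FAIL_WINDOW_S (sliding window)."""
    fails = defaultdict(list)
    for r in rows:
        if r["access_type"] == "DISA" and r["auth_result"] == "FAIL":
            fails[r["caller_id"]].append(r["ts"])
    alerts = []
    for caller, times in fails.items():
        times.sort()
        for i in range(len(times) - FAIL_THRESHOLD + 1):
            span = (times[i + FAIL_THRESHOLD - 1] - times[i]).total_seconds()
            if span <= FAIL_WINDOW_S:
                alerts.append({"type": "pin_bruteforce", "caller_id": caller,
                               "attempts": len(times), "first_attempt": times[i]})
                break  # one alert per caller is enough
    return alerts


def detect_offhours_international(rows):
    """Alert on successful DISA calls placed off-hours to international destinations."""
    alerts = []
    for r in rows:
        if (r["access_type"] == "DISA" and r["auth_result"] == "OK"
                and is_off_hours(r["ts"]) and is_international(r["dialed"])):
            alerts.append({"type": "offhours_international", "caller_id": r["caller_id"],
                           "dialed": r["dialed"], "duration_s": r["duration_s"]})
    return alerts


def disa_minutes_by_caller(rows):
    """Total successful DISA call minutes per caller, for spotting a single number running up the bill."""
    minutes = defaultdict(float)
    for r in rows:
        if r["access_type"] == "DISA" and r["auth_result"] == "OK":
            minutes[r["caller_id"]] += r["duration_s"] / 60
    return dict(minutes)


def analyse(text):
    rows = parse_cdrs(text)
    return detect_pin_bruteforce(rows) + detect_offhours_international(rows)


if __name__ == "__main__":
    for alert in analyse(SAMPLE_CDRS):
        print(alert)
    print(disa_minutes_by_caller(parse_cdrs(SAMPLE_CDRS)))
```

Run against the constructed sample, this produces one brute-force alert for +15550001111 and two off-hours international alerts for the same caller; the legitimate daytime domestic call is not flagged. In practice the script would be fed from the PBX's CDR export on a schedule, and the brute-force alert should trigger an automatic lockout of the DISA code rather than just a notification, since by the time someone reads the alert the calls have already been billed.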