Most importantly, they implemented a SP side blacklist
They also implemented a provider side blacklist. So you can blacklist most destinations which run the "charging endpoint" of a VOIP scam.
The way VOIP scams work nowdays is - the scammer registers a toll number in a "friendly" country like Maldives, Nigeria, etc. It searches for PBXes exposed to the internet, then sets as many calls as they can to the number they have created in a "friendly country".
A SP side blacklist drops this dead. If your provider does not have it, I would suggest blacklisting anything except "well known" destination countries/regions for all international calls. Thankfully, the number system is somewhat hierarchical so blacklisting anything that starts with 4,5,6,7,8 and 9 goes a very long way.
One thing I have noted is that while automated scans are done by botnets, if they return something weird, it notifies a human which runs a more extensive break-in attempt. These do not even try to conceal their IPs and the sources where they come from are usually in "interesting" locations around the Middle East. So you can make your own guesses what will the money leached off your PBX used for.