Technical Bulletin. Toll Fraud Reminder & Update


Technical Bulletin

Bulletin Authorisation Detail
Author: Andrew Kenyon
Authorisation: Wilf Wood
Date: 24/01/2011
TB Number: TB-11001
Description: Toll Fraud Reminder

Toll Fraud Reminder & Update

Toll fraud, the use of dial-through methods to make premium rate and international calls through unsecured PBXs, and in particular through unsecured voicemail systems, is a constant threat. The US government estimated that it cost US businesses $55 million in 2009 alone. Often referred to as Theft of Service, it is the responsibility of the customer, the PBX administrator and the reseller to follow and adhere to the manufacturer's guidelines on toll fraud prevention so that the PBX remains secure.

This kind of attack usually happens outside normal business hours. Fraudsters can make huge numbers of calls, often running up bills of thousands of pounds per day until the attack is identified and stopped. Because the network supplier has connected these calls legitimately on your behalf, they will charge you for them. Toll fraud can have a serious financial impact on a business if it is not identified and stopped.

The primary defence is reducing the risk of such an attack in the first place. Following good practice, maintaining normal password discipline and turning off any services or features that are not required will minimise the opportunity for an attack to take place.

Key Generic Points to Deter Toll Fraud

1. Toll Restriction: block or restrict premium rate and international calls on:
   a. Extensions
   b. Trunks
   c. Mailboxes
   d. MAKE SURE ALL SERVICE MODES ARE CATERED FOR (DAY/NIGHT ETC.)
2. Passcodes: change passcodes regularly (at the very least, change the defaults for):
   a. Remote IP extensions
   b. Mailboxes (including any group mailboxes, administrator and virtual mailboxes)
   c. PC based softphones
   d. Main system admin
3. Reporting: deploy a call management solution. Unusual call patterns can then be reported to the customer immediately, so a large bill at the end of the month can be avoided. Samsung's OfficeServ Call Reporting Software can be configured to report on such fraudulent call attempts.
4. DISA: if Direct Inward System Access is in use, it is vital that the DISA service is password protected. Samsung PBXs are equipped with several DISA security measures:
   a. DISA access password protection (the password should be changed from its default value)
   b. DISA service block upon incorrect password attempts
   c. Password and extension number combination required to access the system

Indicators of Fraudulent Attempts to Access Your System

1. Unusual phone ringing patterns
   a. A system phone that does not normally ring or receive incoming calls may ring once during daytime hours, indicating that fraudsters are trying random numbers within the system.
2. Strange, foreign language or non-business related voicemails, and silent calls
   a. Often, during fraudsters' first attempts to dial through your system, they get the dialling sequence wrong and inadvertently leave messages in random mailboxes. This is a sure sign that your system is being targeted.
   b. If an abnormal number of silent calls are received, where upon answer there is no response, this can be a sign that the system is being targeted.
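The reporting point above is easiest to see with the rules written down. The following is an added example, not part of the bulletin and not Samsung's OfficeServ Call Reporting Software: it runs the bulletin's own signals (expensive calls out of hours, and any outward dialling from voicemail or DISA ports) over a constructed CDR export. The CSV layout, the Mon-Fri 08:00-18:00 window, the UK prefixes 00 and 09, and the VM-/DISA port naming are all assumptions made for the example.

```python
"""Flag call records that match the toll-fraud patterns described in the bulletin.

Added example, not part of the bulletin and not Samsung's Call Reporting
software: the CDR layout below is constructed for the example, and the
business-hours window, the prefixes and the source naming are assumptions.
"""
import csv
import io
from collections import Counter
from datetime import datetime, time

BUSINESS_START, BUSINESS_END = time(8, 0), time(18, 0)   # assumed Mon-Fri working day
EXPENSIVE_PREFIXES = {"00": "international", "09": "premium rate"}  # UK dialling plan
UNATTENDED_PREFIXES = ("VM-", "DISA")   # voicemail ports and DISA rarely dial out legitimately

# Constructed CDR export (not real traffic): timestamp, originating port, number dialled, duration.
SAMPLE_CDR = """\
timestamp,source,dialled,seconds
2011-01-17 10:02:11,EXT201,02071234567,184
2011-01-17 11:45:03,EXT204,0015551234567,420
2011-01-17 23:14:52,EXT201,0015551234567,1790
2011-01-17 23:16:07,EXT201,0015551234568,1802
2011-01-18 02:03:19,VM-PORT3,0905551234,3600
2011-01-18 02:05:44,VM-PORT3,0905551235,3599
2011-01-18 02:07:02,VM-PORT3,0905551236,3610
2011-01-18 09:30:00,EXT207,01612345678,60
"""


def classify(dialled):
    """Label a dialled number by the tariff class of its prefix."""
    for prefix, label in EXPENSIVE_PREFIXES.items():
        if dialled.startswith(prefix):
            return label
    return "other"


def in_business_hours(when):
    """Monday to Friday, inside the assumed working day."""
    return when.weekday() < 5 and BUSINESS_START <= when.time() < BUSINESS_END


def analyse(cdr_text):
    """Return one alert per expensive call made out of hours or from an unattended port."""
    alerts = []
    for row in csv.DictReader(io.StringIO(cdr_text)):
        label = classify(row["dialled"])
        if label == "other":
            continue  # national/local calls are not what toll fraud runs up
        when = datetime.strptime(row["timestamp"], "%Y-%m-%d %H:%M:%S")
        reasons = []
        if not in_business_hours(when):
            reasons.append(f"{label} call out of hours")
        if row["source"].startswith(UNATTENDED_PREFIXES):
            reasons.append(f"{label} call from unattended port")
        if reasons:
            alerts.append({
                "time": row["timestamp"], "source": row["source"],
                "dialled": row["dialled"], "seconds": int(row["seconds"]),
                "reasons": reasons,
            })
    return alerts


def summarise(alerts, threshold=2):
    """Sources with `threshold` or more alerts: the ports to bar and investigate first."""
    counts = Counter(a["source"] for a in alerts)
    return {src: n for src, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    found = analyse(SAMPLE_CDR)
    for a in found:
        print(a["time"], a["source"], a["dialled"], f"{a['seconds']}s", "; ".join(a["reasons"]))
    print("sources to act on:", summarise(found))
```

Note that the daytime international call from EXT204 is not flagged: the point of the out-of-hours rule is to catch the pattern the bulletin describes without blocking legitimate business traffic. Anything dialled outward from a voicemail port is flagged at any hour, because the SVMi settings later in this bulletin should have removed that capability altogether.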

What can you and your customers do to deter toll fraud?

Please use the following information on how to properly configure the system to deter and remove the threat of toll fraud.

Four Golden Rules to Help Combat the Threat

1. Change passcodes and passwords regularly. A rule of thumb: if a PBX service or device has a passcode, then it is there for a reason and is open to being accessed fraudulently. So change it, regularly!
2. Manage the system user database. Remove any unused:
   a. Extensions, virtual or physical (TDM, IP and analogue)
   b. Mailboxes, including group and virtual mailboxes
3. Manage Toll Restriction levels. A catch-all approach is to restrict expensive premium rate numbers from being dialled. This is easily achieved through the Samsung Toll Restriction and Class of Service tables. Such restrictions can seem restrictive to users; do not forget that you can restrict calls during out-of-hours periods only, if users need to be able to make such calls during normal business hours.
   a. Be sure to include all digits and wild cards in any Toll Restriction plan, including the * and # keys.
4. Follow the configuration rules for installing a voicemail system, specifically making sure that all services that are not required, such as external divert and external notification, are disabled unless the customer specifically requests this functionality.

Below is the definitive guide to securing the OfficeServ PBX range.

Securing the SVMi Voicemail System

ECLASS (screenshot of the Standard ECLASS table, not reproduced here): change these fields to N (No) and remove any exception codes. Note that the menu shown is for the Standard ECLASS; make sure that ALL ECLASS tables are changed.

MCLASS (screenshot of the Standard MCLASS table, not reproduced here): change these fields to N (No) and remove any exception codes. Note that the menu shown is for the Standard MCLASS; make sure that ALL MCLASS tables are changed.

Carrying out the settings shown in the above examples will block all outward dialling and call-backs via your SVMi voicemail. It is also essential to delete any unused extension blocks and mailbox blocks; for example, any virtual or group blocks that are not in use should be removed. If toll fraud via your SVMi is suspected, you can use the activity log (activity.log) to trace the calls. For even further security you can assign a restricted Toll Level to the SVMi ports via the OfficeServ system's programming tools.

Securing against localised Toll Fraud (staff based fraudulent use)

In order to take full advantage of the OfficeServ Toll Restriction (call barring) tables, please use this guide as a reminder of best practice. This bulletin pays particular attention to the * and # keys, which should both be taken into account when building any Toll Restriction plan. Barring the digits 0 to 9 alone should not be considered adequate in any plan.

Example of bad practice

Imagine a BT customer requests that all international numbers are barred from all extensions. We should immediately consider the digits 00, the international operator 155, international directory enquiries 153, and 141 (used to withhold the outgoing CLI); the last three are well known methods of overcoming PBX barring tables. These codes should be entered as normal into a Toll Restriction plan in MMC 702 (see the MMC 702 screenshot, not reproduced here). In this example a COS with a Toll Level of B is assigned. This would successfully toll restrict 00, 155 and 153 calls from the extensions assigned to the relevant Class of Service.

But it would not restrict a user who prefixes the international number with a * or a #. For example, a user could dial 9, then #00 followed by the international number, and the call would not be restricted. The same applies to the * key. So to ensure that your toll plan is secure, please use the MMC 702 and MMC 704 settings described below as a guide (screenshots not reproduced here).

MMC 704 (Wild Character) is used to make call barring very flexible. To bar * and # we need to use one of the wild characters (X, Y and Z). By default all digits assigned to Y and Z are set to NO, so we must set * and # to YES against, for example, Y, and then enter Y into MMC 702 as the prefix to the barred codes. The * character can be entered directly into MMC 702, but the # key cannot and needs to be assigned via the wild character, in this case Y. And again the Y entry must have the relevant Toll Level set to YES, in this case B. Using MMC 704 correctly to restrict * and # should be considered best practice when building your toll plan.
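To make the bypass and the fix concrete, here is an added example that models the two tables as data and applies them to dialled strings. It is not Samsung code and does not reproduce the real MMC 702/MMC 704 screens: the table layout, the trunk access digit 9, the default contents of X, the function names and the telephone numbers are assumptions. It covers the bulletin's case (the bad plan, then Y = {*, #} in MMC 704 with Y-prefixed entries in MMC 702) and also shows the half-fix the text warns about, where Y is entered in MMC 702 but nothing is set to YES against it in MMC 704.

```python
"""Model of an OfficeServ-style toll restriction plan (MMC 702 + MMC 704).

Added illustration of the * / # bypass described in the bulletin. This is not
Samsung code: the table layout, the trunk access digit, the default contents
of X, the function names and the telephone numbers are assumptions.
"""

TRUNK_ACCESS = "9"  # assumed trunk access digit

# MMC 704 (Wild Character): the set of keys each wild character stands for.
# Default state per the bulletin: nothing is set to YES against Y and Z
# (the digits behind X are an assumption for the example).
WILD_DEFAULT = {"X": set("0123456789"), "Y": set(), "Z": set()}
# Corrected: * and # are set to YES against Y, so "Y" can prefix a barred code.
WILD_FIXED = {"X": set("0123456789"), "Y": {"*", "#"}, "Z": set()}

# MMC 702 (Toll Deny): deny pattern -> toll levels for which it is set to YES.
# The bulletin's example bars 00, 155, 153 and 141 for Class of Service level B.
PLAN_BAD = {"00": {"B"}, "155": {"B"}, "153": {"B"}, "141": {"B"}}
# Corrected plan: the same codes, plus each code behind the Y wild character.
PLAN_FIXED = {**PLAN_BAD, **{"Y" + code: levels for code, levels in PLAN_BAD.items()}}


def pattern_matches(pattern, number, wild):
    """True when `number` starts with `pattern`; wild characters expand to their key sets."""
    if len(number) < len(pattern):
        return False
    for p, d in zip(pattern, number):
        if p in wild:
            if d not in wild[p]:
                return False
        elif p != d:
            return False
    return True


def call_allowed(dial_string, toll_level, plan, wild):
    """Apply the plan to a string dialled at an extension whose COS has `toll_level`.

    Returns True when the PBX would let the call out to the trunk.
    """
    if not dial_string.startswith(TRUNK_ACCESS):
        return True  # internal call: not subject to trunk toll restriction
    number = dial_string[len(TRUNK_ACCESS):]
    for pattern, levels in plan.items():
        if toll_level in levels and pattern_matches(pattern, number, wild):
            return False
    return True


INTL = "0015551234567"  # constructed international number


def demonstrate():
    """Outcome of each case discussed in the bulletin (True = call goes out)."""
    return {
        # a plain 00 prefix is barred even by the bad plan
        "bad_plan_00": call_allowed(TRUNK_ACCESS + INTL, "B", PLAN_BAD, WILD_DEFAULT),
        # prefixing # or * before 00 walks straight past the bad plan
        "bad_plan_hash00": call_allowed(TRUNK_ACCESS + "#" + INTL, "B", PLAN_BAD, WILD_DEFAULT),
        "bad_plan_star00": call_allowed(TRUNK_ACCESS + "*" + INTL, "B", PLAN_BAD, WILD_DEFAULT),
        # Y00 in MMC 702 does nothing unless * and # are set to YES against Y in MMC 704
        "fixed_702_only": call_allowed(TRUNK_ACCESS + "#" + INTL, "B", PLAN_FIXED, WILD_DEFAULT),
        # both tables corrected: the bypass is closed
        "fixed_hash00": call_allowed(TRUNK_ACCESS + "#" + INTL, "B", PLAN_FIXED, WILD_FIXED),
        "fixed_star00": call_allowed(TRUNK_ACCESS + "*" + INTL, "B", PLAN_FIXED, WILD_FIXED),
        "fixed_155": call_allowed(TRUNK_ACCESS + "155", "B", PLAN_FIXED, WILD_FIXED),
        # a national call, and a COS at a level the entries are not set for, still go out
        "fixed_national": call_allowed(TRUNK_ACCESS + "02071234567", "B", PLAN_FIXED, WILD_FIXED),
        "fixed_level_a": call_allowed(TRUNK_ACCESS + INTL, "A", PLAN_FIXED, WILD_FIXED),
    }


if __name__ == "__main__":
    for case, allowed in demonstrate().items():
        print(f"{case:16s} {'ALLOWED' if allowed else 'barred'}")
```

The "fixed_702_only" case is the one to check for on a live system: an MMC 702 entry beginning with a wild character looks correct on screen, but bars nothing until the keys it should stand for are set to YES against that character in MMC 704 for the toll level in question.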

VoIP Security Measures

Ensure that any remote maintenance ports are restricted. Ports often need to be opened on a firewall to allow remote maintenance and configuration of the PBX; ensure that only the preferred maintainer's public IP address is allowed access via these ports.

Delete unused ITP/SIP extensions and Wi-Fi phones. Any unused ITP, SIP extension or Wi-Fi phone accounts should be removed.

ITP/SIP extension and WIP phone passcodes. Any used or active ITPs, Wi-Fi phones or SIP extensions should have their passcodes changed from the default.

Port forwarding. VoIP connections require port forwarding rules to be put in place on a firewall. To ensure that only authorised users and services are allowed through, only allow port forwarding from authorised IP addresses, i.e. your SIP provider's IP address.

If in doubt about protecting your customers' PBX against fraud, please follow the four golden rules:

1. Toll Restrict your system, including the trunks
2. Install the Samsung Call Reporting Solution to ensure that any unusual call patterns are spotted early and reported to the appropriate persons
3. Change ALL passcodes regularly
4. Disable unwanted functions on the system and voicemail