Ways To Prevent Toll Fraud
As a system administrator you need to understand How to secure your communications System. In this post “Ways to Prevent Toll Fraud”, we’re going through simple ways to lock down your system for undesirable events, such as auto-dialers taking over your trunks to make calls, or use your voicemail systems and Automated Attendants to forward callers to an unknown destination such as a telemarketing site.
What you need to understand:
To start, you need to understand which lines are assigned to what. In many cases Administrators won’t take time to review their phone lines and capabilities. If you haven’t done so, contact your Service Provider and ask them for a list of Features and Services included in your contract.
Inventory your system:
Looking for physical stations and virtual users. If you have an Avaya Aura using Call Center check your VDNs and Vectors as well.
By default the voicemail Ports should be disallowed to make any outbound calls, unless using the Out-Calling Features. If your system is setup to notify users whenever they have messages waiting, make sure that these calls are setup only to call within your Local Area (HNPA). Preferably assign barrier codes or authentication codes allowing them to authenticate before making any calls out through the PSTN.
Trunk to Trunk Transfer / Remote Call Forward
These two features are commonly used by Hackers, Drug Dealers, and many other criminals allowing your system to act as Proxy for their benefits, not only will they utilize your lines leaving you without resources and causing the loss of thousands of dollars.
How to Prevent Tall Fraud on Trunk To Trunk Transfer and Remote Call Forward?
To Prevent Toll Fraud using Trunk to Trunk Transfer and Remote Call Forward use Barrier Codes and Authentication Codes on a users’ basis, install a Call Accounting System to allow tracking of phone calls made. These type of system will allow you run reports against Authentication Codes, Stations, City, Country, etc.
Virtual Users and Ways To Prevent Toll Fraud
Nowadays it is very common to have your teammates / employees working from different sites authenticating to your central office via VPN (Virtual Private Network) allowing your firewall appliance opening holes in your network to allow voice communication between your virtual user and your telecommunication system. The more complex your solution gets, the more aware you should be learning how everything connects and works. I will also tell you that you should contact your network administrator and ask them how they have their VPN Settings configured.
Virtual Users / Remote Workers
To secure your connections between your Virtual Users and your Core Site Telecommunication System make sure to implement IP Encryption if using Avaya Aura to encrypt your voice traffic. For VPN Connectivity always select your SSL Categories. Once your VPN Connection is stablished, check your VPN Tunnel Lifetime. Always select the Diffie-Hellman Group Option to allow share secret communication over a secure channel. For mobile phones implement MOBIKE RFC4555 to allow mobile phones security to your Core Systems.
- At&t Toll Fraud Brief Overview
- Avaya Toll Fraud Document
- MOBIKE (IKEv2 Mobility Multihoming Protocol) RFC4555