L/D Toll Fraud Protection

More important updated info on Toll Fraud as of 2016 by curlycord
Posted: 7 Jan 16 (Edited 26 May 17)

Every site is different, so you will need to do what suits the customer.
These are optional and not mandatory, since you may be using some of these features.

See also Tip FAQ http://www.tek-tips.com/faqs.cfm?fid=7280 for those with a NAM

KSU/BCM:
-Disable DISA and/or change the COS password to something more secure.
-Check the Remote Restriction Filters and apply restrictions if you are using Auto Answer for any of your lines.
-Set up restriction filters and have them applied to voice mail ports/DNs (if all users are to be restricted from out dial).
-Set up restriction filters and have them applied to lines and/or set up COS passwords to bypass restrictions.
-Disable the Allow Redirect option for all sets.
Restriction example: restrict 0 for overseas, 1 for local long distance, 900 for billing and 10 for those 1010 type services.

BCM Update:
-Note that if your BCM allows users access to Mailbox Manager then you are at risk of being hacked.
-The login via the browser does not have a maximum attempts setting, so it can be hacked easily from the outside world by an automated script.
-The hacker will then change the External Transfer number that was probably pointing to the user's mobile number.
-Ports 80 and 443 are web browser ports that should be blocked in your router; VPN is a more secure choice from outside your network.
-More importantly, via Callpilot Manager, denying the mailbox or Class of Service access to any Pools or External transfer, as well as restrictions on the sets or lines, will stop

Voice Mail
-Norstar Application Module (NAM): run the Toll Fraud Patches, see this link http://www.tek-tips.com/faqs.cfm?fid=7280 - Note that you can post in the forum asking for a link.
-Callpilot 100/150: upgrade software to 3.1.
-BCMs with Callpilot: make sure you are upgraded to the latest BCM patches.
-Delete all unused mailboxes.
-Have ALL users change mailbox passwords to 6 or 8 digit non-trivial passwords, including General Delivery and System Manager mailboxes.
-Disable Outbound Transfer/Dial/Pool Access in admin programming (COS) for each mailbox.
-Disable the "enable external initialization" feature in COS.
-Set up mailbox lockout after so many unsuccessful password attempts.
-Program Dialing Translation Tables in Voice Mail Administration.
-Set "Return to AA" to No on older mails to prevent ** access. Note that this will affect what happens to callers after listening to an info mailbox.


Carrier/Telco
-Have them restrict overseas calls if you don't call overseas and/or have them set up passwords.
They may also be able to restrict certain digits (filter).
You may not need the Telco involved if you did the above, but the choice is there.


Who called overseas
Usually voice mail is the culprit from an outside hacker, but DISA and forwarded sets can be an issue as well.
You would need to set up an SMDR to see what ext. made the call or run reports from voice mail. See your vendor for more details.

Suggested restrictions (use all or some depending on environment) based on North America:

* - Will prevent any attempt to override restrictions
0 - Will prevent overseas calls
1010 - Will prevent overseas calls or local long distance
1 - Will prevent local long distance (Exceptions to add are toll free numbers 1800, 1888, 1887, 1866, 1855, 1844)
411 - Will prevent charges for using the local Directory Assistance service
1555 - Will prevent charges for using the Directory Assistance service abroad
700, 900, 976 (and 1700, 1900, 1976) - Will prevent charges for using the Premium Rate Services
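
A sketch for checking the suggested list against a site's call records before it is programmed, added here as an example and not part of the original FAQ or any Nortel tooling. It assumes a simplified matching rule (leading-digit match, with exceptions overriding their own restriction); `check`, `audit` and the sample call records are hypothetical and constructed.

```python
# Simplified model of a dial restriction filter (assumed semantics): a call
# is denied when the dialed digits start with a restricted prefix, unless
# they also start with an exception listed under that same restriction.

# Restrictions from the list above; the exceptions under "1" are a subset
# of the toll-free prefixes listed there.
FILTER = {
    "*": [],
    "0": [],
    "1010": [],
    "1": ["1800", "1888", "1866"],
    "411": [],
    "1555": [],
    "700": [], "900": [], "976": [],
    "1700": [], "1900": [], "1976": [],
}

def check(dialed, flt=FILTER):
    """Return the restriction prefix that blocks `dialed`, or None if allowed."""
    # Keep only keypad characters so "1-800-..." and "1800..." compare equal.
    digits = "".join(c for c in dialed if c.isdigit() or c in "*#")
    hits = [r for r, exceptions in flt.items()
            if digits.startswith(r)
            and not any(digits.startswith(e) for e in exceptions)]
    # Report the most specific (longest) restriction that matched.
    return max(hits, key=len) if hits else None

def audit(calls, flt=FILTER):
    """Group blocked calls by extension: {ext: [(dialed, restriction), ...]}."""
    report = {}
    for ext, dialed in calls:
        hit = check(dialed, flt)
        if hit is not None:
            report.setdefault(ext, []).append((dialed, hit))
    return report

# Constructed call records (extension, dialed digits); not a real SMDR format.
SAMPLE_CALLS = [
    ("221", "5550123"),
    ("221", "1-800-555-0100"),
    ("225", "011-44-20-5550-0199"),
    ("225", "1-900-555-0142"),
    ("230", "1010-999-1-212-555-0188"),
    ("230", "1-212-555-0147"),
]

if __name__ == "__main__":
    for ext, blocked in audit(SAMPLE_CALLS).items():
        print(ext, blocked)
```

Extensions that appear in the report with overseas or premium-rate hits are the ones to review first; extensions with only ordinary long-distance hits show which users would need a COS password or an added exception.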
