web statisticsweb stats Business Phone Systems Tech Talk Forum - VOIP & Cloud Phone Help

Business Phone Systems

Previous Thread
Next Thread
Print Thread
Rate Thread
#525951 12/06/11 03:37 PM
Joined: Jun 2011
Posts: 30
Member
OP Offline
Member
Joined: Jun 2011
Posts: 30
We have a customer who's been hit with unauthorized toll charges or fraud. I believe they're getting in via voicemail, and dialing out to the 900 numbers. When this happened a few months ago, they changed all the vpn passwords, we reassigned those physical phones which were associated with the extensions that placed the calls, and changed all of the voicemail pins. But it's happening again, so I believe they must be getting in via voicemail.

900 numbers both 900*, 1900*, 91900* and 9900* are blacklisted in the CoS elements.

How can I know if they're placing the calls via hacking someone's voicemail and getting dial-tone or getting in through the vpn? The extensions that placed the calls have had registrations disabled, so it could possibly be someone spoofing (outpulsing their number) and dialing the 900 numbers.

Atcom VoIP Phones
VoIP Demo

Best VoIP Phones Canada


Visit Atcom to get started with your new business VoIP phone system ASAP
Turn up is quick, painless, and can often be done same day.
Let us show you how to do VoIP right, resulting in crystal clear call quality and easy-to-use features that make everyone happy!
Proudly serving Canada from coast to coast.

#525952 12/07/11 05:50 PM
Joined: Mar 2001
Posts: 3,869
Member
****
Offline
Member
****
Joined: Mar 2001
Posts: 3,869
I don't know anything about 3Com but I saw the topic.

Is it possible to change the voicemail passwords to 8 digit instead of maybe 4 that they may be breaking?

Can your carrier block those calls as the hackers are getting out of the 3Com switch?

Would someone like Adtran have a router that would prevent those calls?

Again, not a 3Com person, just throwing out grasping at straws ideas.


THE Bracha, old blond specialist in Rube Goldberg solutions.
#525953 12/08/11 03:31 AM
Joined: Jun 2004
Posts: 1,367
Member
*****
Offline
Member
*****
Joined: Jun 2004
Posts: 1,367
Also not a 3Com person, but I know how to spell it.
Does the 3Com have any logs? You may want to set up a machine to collect SMDR (if possible) an have ALL extensions output to it (Some systems you can exclude SMDR output on an extension by extension basis)

The Spoofing brings up an interesting point.I wonder how the destination knows how to bill for the calls? I assume the phone company does it, but does the phone company truly know where the call originates. or does it xreference the BTN it recieves.

IS the VM in the same COS the other stations are in?


[Linked Image from i26.servimg.com]
TouchPoint Networks.

Serving the Northwest Since 1991
NEC Shoretel Zultys T3 Tadiran
#525954 12/12/11 03:37 AM
Joined: Dec 2007
Posts: 6,795
Likes: 18
Retired Admin
*****
Offline
Retired Admin
*****
Joined: Dec 2007
Posts: 6,795
Likes: 18
...again another person who only knows how to spell 3Com giving advice:

I believe if you change the password to 8 digits, that you cannot change it back to 4 digits.

Also Call Reports

After you install NBX Call Detail Reports, you can:
  • Retrieve calling data from the system.
  • Generate formatted reports.
  • Export reports in formats suitable for use with third-party reporting software, spreadsheets, databases, and word processing applications.
  • Export your call data in HTML format for publication on a web server.
  • Export reports to a disk file or directly to a Microsoft mail message or a Microsoft Exchange folder.


A question: Does the 3Com have "Remote Diagnostics" activated? Is this a potential source?

Again, just a rookie offering advice. Keep us updated.


Dean
Photographs:
https://www.instagram.com/deanwilsoncanby/
https://fstoppers.com/profile/deanwilsoncanby
https://www.facebook.com/Dean-Wilson-Photography-112841337020414

Please don't confuse your "Internet Search" with my licenses, certifications and over 30 years experience.

"Thank you for calling Technical Support. If you feel you have reached this number in error, please hang up and press redial."
#525955 12/14/11 03:18 AM
Joined: Dec 2011
Posts: 4
Member
Offline
Member
Joined: Dec 2011
Posts: 4
1. Block 900 calls thru dial plan.
(even if you can do this, the fact that outbound calls from off premises can be made is a breach you need to lock down)

Direct system inward access (DISA) parameter

2. In the system configuration within NETSET, there is a check box field to prevent giving dialtone out.


Link Copied to Clipboard
Forum Statistics
Forums84
Topics94,241
Posts638,581
Members49,755
Most Online5,661
May 23rd, 2018
Popular Topics(Views)
210,644 Shoretel
187,402 CTX100 install
186,178 1a2 system
Newest Members
LewisR, TaniyahCobb, TDKs79, Buttinset, Housetech
49,755 Registered Users
Top Posters(30 Days)
Toner 14
Yoda 7
dexman 5
Who's Online Now
1 members (justbill), 68 guests, and 25 robots.
Key: Admin, Global Mod, Mod
Contact Us | Sponsored by Atcom: One of the best VoIP Phone Canada Suppliers for your business telephone system!| Terms of Service

Sundance Communications is not affiliated with any of the above manufacturers. Sundance Phone System Forums - VOIP & Cloud Phone Help
©Copyright Sundance Communications 1998-2024
Powered by UBB.threads™ PHP Forum Software 7.7.5