web statisticsweb stats

Business Phone Systems

Previous Thread
Next Thread
Print Thread
Rate Thread
Joined: Oct 2016
Posts: 1
Member
OP Offline
Member
Joined: Oct 2016
Posts: 1
I have a customer that got hit with Toll Fraud recently, but I have not been able to find how it was done. The customer has a Toshiba CIX100 and LVMU voice mail system with PRI and digital phones. It does not have any VoIP devices or even a connection to the Network. They claim during the incident that they observed approximately 4 lines busy with nobody on the phone. They have 7 virtual lines/answer points on the phones, so it points to the vulnerability being in the Voice Mail (4 Ports). I did not find any mailboxes that had the extension changed to an external number or speed dial. I was also not able to find any phones that were forwarded externally.

I am more interested in how it was done, since I know how to fix it. Any help would be appreciated.

Atcom VoIP Phones
VoIP Demo

Best VoIP Phones Canada


Visit Atcom to get started with your new business VoIP phone system ASAP
Turn up is quick, painless, and can often be done same day.
Let us show you how to do VoIP right, resulting in crystal clear call quality and easy-to-use features that make everyone happy!
Proudly serving Canada from coast to coast.

Joined: Jun 2005
Posts: 2,706
Likes: 7
Member
Offline
Member
Joined: Jun 2005
Posts: 2,706
Likes: 7
The voicemail system is the most common place hackers will use for toll fraud. They may not have set the entire number in the extension field. I would look again for an extension something like 901. The 9 in the extension field will grab an outside line. Also double check your DIDs to make sure that you don't have DISA enabled on a number.

Typically I see hackers getting into the admin mailbox with the default code through the phone rather then using software.

It's good practice to enable destination restrictions for the voicemail extensions . With the IPEdge voicemail system the hackers will login to any user's voicemail box and use the follow-me feature.

Joined: Aug 2012
Posts: 122
Member
Offline
Member
Joined: Aug 2012
Posts: 122
Do they have a toll free numbers associated with the PRI? Typically hackers only want to come in on a toll free numbers. You should always secure the password on mailbox 999, get rid of or change mailbox 993 to another mailbox that can access the voice mails internal modem. You might even consider removing the CIX internal modem. There are many ways to access the outgoing trunks.
If it was truly hacked those would of been international calls made that they don't recognize making and the carrier should adjust the bill for them.


Moderated by  Carlos#1, phonemeister 

Link Copied to Clipboard
Forum Statistics
Forums84
Topics94,288
Posts638,794
Members49,767
Most Online5,661
May 23rd, 2018
Popular Topics(Views)
212,350 Shoretel
189,000 CTX100 install
187,391 1a2 system
Newest Members
Robbks, A2A Networks, James D., Nadisale, andreww
49,767 Registered Users
Top Posters(30 Days)
Toner 23
teleco 7
dexman 5
dans 4
Who's Online Now
0 members (), 132 guests, and 389 robots.
Key: Admin, Global Mod, Mod
Contact Us | Sponsored by Atcom: One of the best VoIP Phone Canada Suppliers for your business telephone system!| Terms of Service

Sundance Communications is not affiliated with any of the above manufacturers. Sundance Phone System Forums - VOIP & Cloud Phone Help
©Copyright Sundance Communications 1998-2024
Powered by UBB.threads™ PHP Forum Software 7.7.5