atcomsystems.ca/forum
Posted By: MichaelV TVA50 toll fraud problem - 11/23/11 07:17 AM
I have a TVA50 on a TDA50 that is apparently being hacked into. I've been to the customers location twice and have found nothing. Both admin boxes already had a non-default password on them, I changed them anyway. Only three other mailboxes on the whole system and only one of them didn't have a password, ext.102, but there were no notify, forward, transfer settings turned on in that mailbox and it now has a password. Other two mailboxes don't have a simple password. Checked the call accounting reports in the TVA50 and they show no outdialing at all. Not sure what else to check here. Is there some way to hide a hack on the system?
Posted By: ShawnC Re: TVA50 toll fraud problem - 11/23/11 11:19 AM
is there a modem on either the tda or tva look at ext call forwarding to co and look closely at custom dialing menu!
Posted By: OBT Re: TVA50 toll fraud problem - 11/23/11 01:43 PM
make sure the vm ports are barred and no mailbox has external fwd through mailbox allowed.
they come in and remove fwd's before opening hours
Posted By: MichaelV Re: TVA50 toll fraud problem - 11/23/11 05:25 PM
Didn't install the system so I don't know if there is a modem or not, I'll have to check next time I'm there. Definitely no external modem. They do use external call fwd on the phone system for x103 as he likes to keep his office phone forwarded to his cell at all times.

kxtvet, do you mean custom service menu? Not familiar with a custom dialing menu.

VM ports are barred from dialing long distance or 1010XXX. May have to set up smdr to help track this. Or set up night mode so that all ports are set to TRL of 7 to block all outside calls after hours.

Thanks for the replies guys!
Posted By: ShawnC Re: TVA50 toll fraud problem - 11/23/11 05:56 PM
custom service menu, custom dialing menu same same!
Posted By: MichaelV Re: TVA50 toll fraud problem - 11/24/11 07:49 AM
Haha, was just making sure. The TVA has so many little hidden programming areas that are easy to miss.
Posted By: ShawnC Re: TVA50 toll fraud problem - 11/25/11 09:12 AM
yes thats why you are possibly getting sniped they are nooks and crannies if you are not aware!
Posted By: MichaelV Re: TVA50 toll fraud problem - 01/12/12 10:34 PM
Finally figured out what was happening. You are able to dial 801 from the auto/att and get a dial tone. What would allow a transfer to a trunk group access code of 801? The voicemail acts like it's an extension number and just transfers right to it. I was able to defeat it by removing the feature code, but I'm now wondering if all my Panasonics are capable of this. If transfer to CO is active in COS, is this what you get? I'm going to have to check a whole bunch of systems we have.
Posted By: Carl Navarro Re: TVA50 toll fraud problem - 01/13/12 03:59 AM
The answer is yes, TVA's let you dial any 3 digits and blindly transfer to those numbers.
You need to fix your COS to put VM ports into line restriction modes to prevent that from happening.

Carl...I learned the hard way by being off by one port :-)
Posted By: MichaelV Re: TVA50 toll fraud problem - 01/16/12 09:12 AM
Well, customer called and they somehow got in again. Trying to figure out what they are dialing to do this is a real pain.
Posted By: OBT Re: TVA50 toll fraud problem - 01/16/12 09:43 AM
go through the system and vm, they may have set fwds on a few groups/ extensions before you locked it down.
Posted By: MichaelV Re: TVA50 toll fraud problem - 01/17/12 07:58 AM
OK, I have the system locked down completely. I found out that you can also dial 91X, the system will transfer you to that, you get silence and then you can complete the number after. So I guess I'll have to set up some TRS tables for the voicemail, but I still need to allow CO to CO transfers as the owner likes to FWD his ext to his cell. Does Panasonic have a tech note somewhere on how to set up vmail ports to prevent toll fraud?
© Sundance Business VOIP Telephone Help