More important updated info on Toll Fraud as of 2016

Every sight is different so you will need to do what suits the customer.
These are optional and not mandartory since you maybe using some features.

See also Tip FAQ http://www.tek-tips.com/faqs.cfm?fid=7280 for those with a NAM

KSU/BCM:
-Disable DISA and/or change COS password to something more secure.
-Check the Remote Rectriction Filters and apply restrictions if you are using Auto Answer for any of your line.
-Setup restriction filters and have them applied to voice mail ports/DN's (if all users are to be restricted from out dial)
-Setup restriction filters and have them applied to lines and/or setup COS passwords to bypass restrictions.
-Disable Allow Redirect option for all sets.
Restriction example- Restrict 0 for overseas, 1 for local long distance, 900 for billing and 10 for those 1010 type services.

[highlight Yellow]BCM Update:[/highlight]
-Note that if your BCM allows users access to Mailbox Manager then you are at risk of being hacked.
-The login via the browser does not have a maximum attempts setting so it can be hacked easily from the outside world by an automated script
-The hacker will then change the External Transfer number that was probably pointing to the users mobile number.
-Port 80 and 443 are web browser ports that should be blocked in your router, VPN is a more secure choice from outside your network.
-More importantly via Callpilot Manager denying the mailbox or Class of Service access to any Pools or External transfer as well restrictions on the sets or lines will stop

Voice Mail
-Norstar Application Module (NAM) run the Toll Fraud Patches, see this link http://www.tek-tips.com/faqs.cfm?fid=7280 - Note that you can post in forum asking for a link.
-Callpilot 100/150 upgrade software to 3.1
-BCM's with Callpilot make sure you are upgraded to the latest BCM patches.
-Delete all unused mailboxes
-Have ALL users change mailbox passwords to 6 or 8 digit non-trivial passwords, including General Delivery and System manager mailboxes.
-Disable Outbound Transfer/Dial/Pool Access in admin programming (COS) for each mailbox.
-Disable the "enable external initialization" feature in COS
-Setup lockup mailbox after so many unsuccessful password attempts
-Program Dialing Translation Tables in Voice Mail Administration
-Set "Return to AA to No" on older mails to prevent ** access, note that this will effect what happens to callers after listening to an info mailbox.


Carrier/Telco
-Have them restrict oversea calls if you donÆt call overseas and/or have them setup passwords.
They maybe also be able to restrict certain digits (filter).
You may not need the Telco involved if you did the above but the choice is there.


Who called oversea's
Usually voice mail is the culprit from an outside hacker but DISA and forwarded sets can be an issue as well.
You would need to setup an SMDR to see what ext. made the call or run reports from voice mail....see your vendor for more details.

Suggested restrictions (use all or some depending on environment) based on North America:

* - Will prevent any attempt to override restrictions
0 - Will prevent Over Sea calls
1010 - Will prevent Over Sea calls or local long distance
1 - Will prevent local long distance (Exceptions to add are toll free numbers 1800,1888,1887,1866,1855,1844)
411 - Will prevent charges for using the service local Directory Assistance
1555 - Will prevent charges for using the service abroad Directory Assistance
700, 900, 976 (and 1700, 1900, 1976) Will prevent charges for using the Premium Rate Services