Toll Fraud question

[ltw500]

Can someone detail what exactly you have to watch out for if you enable remote call forwarding in your phone switch.

Do you just have to be concerned that the user doesn't forward their phone to "somewhere expensive" and then use it to place their personal calls.. or are there other dangers as well? and if so what do we need to watch for?

Thanks..

 

[mikeydidit]

I am not sure that the remote call forwarding is as much the problem as the trunk to trunk transfer is to allow this feature to work. This allows a call to come in and the call to be routed back out over another trunk. This is where toll fraud comes into play.

On the "ch sys fea" page, one of the first items is the T to T transfer. Have this set to "restricted" then you can allow call forwarding by a COR/COS basis and help cut down on your chances of taking a hit.

Hell, there are no rules here - we're trying to accomplish something.
Thomas A. Edison

For the best response to a question, read faq690-6594

 

[ltw500]

okay, so if we allow trk to trk transfer what do we have to watch out for?

 

[rgtrgt]

also, locking down your intuity ports so folks cant 0 out or outcall to bad area codes

 

[mikeydidit]

Have this set to "restricted"

Then allow (only a few users) the less the better access through cor and cos.

Hell, there are no rules here - we're trying to accomplish something.
Thomas A. Edison

For the best response to a question, read faq690-6594

 

[ltw500]

so do I need to allow remote call forward and trunk to trunk transfer to those users?

Thanks!

 

[mikeydidit]

I prefer coverage remote as it really locks down the destination, but if you must allow the users this feature, keep it locked down as much (and to as few) as possible.

Hell, there are no rules here - we're trying to accomplish something.
Thomas A. Edison

For the best response to a question, read faq690-6594

 

[ltw500]

Is it the user's abusing it that I need to worry about? or outside threats?

 

[mikeydidit]

I would think more of an outside threat would be the problem. Keep it to the "have too's" and you will be OK.

Hell, there are no rules here - we're trying to accomplish something.
Thomas A. Edison

For the best response to a question, read faq690-6594

 

[cyberjamos]

If you regularly run the LIST CALL-FORWARDING command you can identify who's forwarded calls to where. Personally, I think the main risk here is internal users incurring extra costs on outbound calls (to mobiles?) when they're in the office or don't need it forwarded. I concur with Mikey in that remote-coverage paths provide the level of security since the destination is locked (only changeable by admins)

I'm presuming you're using mobiles as the remote destination? You could look at configuring 2 coverage paths, one that goes to internal VM(?) and the other that routes to remote destination - provision a VDN/Vector to prompt for extension then route to FAC for change coverage path for that extension?? Either that or use EC500?

Cheers,
NJ

PS: Please let me know if my advice has been of any use.

 

[rejackson]

So no one clearly explained how the toll fraud takes place but it sounds like the issue is outside callers having the ability to grab an outbound trunk and place calls using your system. Is that correct?

Is trunk to trunk transfer required for off net forwarding?

All of our long distance is under a contract with Qwest that forces the caller to enter a personal access code. It seems that would prevent this abuse. Even if it was an employee they would have to enter their code and be responsible for the call.