Toll Fraud Prevention - Avaya MERLIN MAGIX Maintenance And Troubleshooting Manual
Integrated system release 2.0 and earlier
Hide thumbs
Also See for MERLIN MAGIX:
- Release note (24 pages) ,
- System programming (2 pages) ,
- Configuration note (12 pages)
Table of Contents
Advertisement
When possible, restrict the off-network capability of off-premises callers, using calling
I
restrictions, Facility Restriction Levels (Hybrid/PBX mode only), and Disallowed List
capabilities. A prepared Disallowed List (number 7) is provided and is designed to prevent the
types of calls that toll-fraud abusers often make.
When possible, block out-of-hours calling.
I
Frequently monitor system call detail reports for quicker detection of any unauthorized or
I
abnormal calling patterns.
Limit Remote Call Forwarding to persons on a need-to-have basis.
I
Change access codes every 90 days.
I
Use the longest-length barrier codes possible, following the guidelines for passwords.
I
(See
''Choosing Passwords''
Toll Fraud Prevention
Toll fraud is the unauthorized use of your telecommunications system by third parties to make
long-distance telephone calls. Under the law, you, the customer, are responsible for paying part or
all of those unauthorized calls. Thus, the following information is of critical importance.
Unauthorized persons concentrate their activities in two areas with the MERLIN MAGIX Integrated
System:
They try to transfer out of the MERLIN MAGIX Integrated System to gain access to an
I
outgoing trunk and make long-distance calls.
They try to locate unused or unprotected mailboxes and use them as drop-off points for their
I
own messages.
The following is a discussion of how toll fraud is often perpetrated and ways to prevent
unauthorized access that can lead to toll fraud.
Physical Security, Social Engineering, and
General Security Measures
Criminals called hackers may attempt to gain unauthorized access to your communications system
and voice messaging system in order to use the system features. Hackers often attempt to trick
employees into providing them with access to a network facility (line/trunk) or a network operator.
This is referred to as social engineering. Hackers may pose as telephone company employees or
employees of Avaya or your authorized dealer. Hackers will go through a company's trash to find
directories, dialing instructions, and other information that will enable them to break into the
system. The more knowledgeable they appear to be about the employee names, departments,
telephone numbers, and the internal procedures of your company, the more likely it is that they will
be able to trick an employee into helping them.
on page 16.)
Customer Support Information
6
6
Toll Fraud Prevention
A-9
Advertisement
Chapters
Table of Contents
Troubleshooting
