Security Of Your System; Preventing Toll Fraud - AT&T MERLIN LEGEND Release 3.1 System Planning Manual

Customer Support Information

Security of Your System:

Preventing Toll Fraud

As a customer of a new telephone system, you should be aware that there is an
increasing problem of telephone toll fraud. Telephone toll fraud can occur in
many forms, despite the numerous efforts of telephone companies and
telephone equipment manufacturers to control it. Some individuals use
electronic devices to prevent or falsify records of these calls. Others charge
calls to someone else's number by illegally using lost or stolen calling cards,
billing innocent parties, clipping on to someone else's line, and breaking into
someone else's telephone equipment physically or electronically. In certain
instances, unauthorized individuals make connections to the telephone network
through the use of the Remote Access features of your system.
The Remote Access features of your system, if you choose to use them, permit
off-premises callers to access the system from a remote telephone by using a
telephone number with or without a barrier code. The system returns an
acknowledgment signaling the user to key in his or her barrier code, which is
selected and administered by the system manager. After the barrier code is
accepted, the system returns dial tone to the user. In Release 3.1 and later
systems, barrier codes are by default restricted from making outside calls. In
prior releases, if you do not program specific outward calling restrictions, the
user will be able to place any call normally dialed from a telephone associated
with the system. Such an off-premises network call is originated at, and will be
billed from, the system location.
The Remote Access feature, as designed, helps the customer, through proper
administration, to minimize the ability of unauthorized persons to gain access to
the network. Most commonly, phone numbers and codes are compromised
when overheard in a public location, through theft of a wallet or purse
containing access information, or through carelessness (for example, writing
codes on a piece of paper and improperly discarding it). Additionally, hackers
may use a computer to dial an access code and then publish the information to
other hackers. Enormous charges can be run up quickly. It is the customer's
responsibility to take the appropriate steps to properly implement the features,
evaluate and administer the various restriction levels, protect access codes,
and distribute access codes only to individuals who have been fully advised of
the sensitive nature of the access information.
Common carriers are required by law to collect their tariffed charges. While
these charges are fraudulent charges made by persons with criminal intent,
applicable tariffs state that the customer of record is responsible for payment of
all long-distance or other network charges. AT&T cannot be responsible for
such charges and will not make any allowance or give any credit for charges
that result from unauthorized access.
A–9
System Planning