Educating Operators; Detecting Toll Fraud - Lucent Technologies MERLIN LEGEND Release 7.0 System Planning Manual

MERLIN LEGEND Communications System Release 7.0
System Planning 555-670-112
A Customer Support Information
Other Security Hints

Educating Operators

Operators or attendants need to be especially aware of how to recognize and
react to potential hacker activity. To defend against toll fraud, operators should
follow the guidelines below:
Establish procedures to counter social engineering . Social engineering is a
con game that hackers frequently use to obtain information that may help
them gain access to your communications system or voice messaging
system.
When callers ask for assistance in placing outside or long-distance calls,
ask for a callback extension.
Verify the source. Ask callers claiming to be maintenance or service
personnel for a callback number. Never transfer to *10 without this
verification. Never transfer to extension 900.
Remove the headset and/or handset when the console is not in use.

Detecting Toll Fraud

To detect toll fraud, users and operators should look for the following:
Lost voice mail messages, mailbox lockout, or altered greetings
Inability to log into voice mail
Inability to get an outside line
Foreign language callers
Frequent hang-ups
Touch-tone sounds
Caller or employee complaints that the lines are busy
Increases in internal requests for assistance in making outbound calls
(particularly international calls or requests for dial tone)
Outsiders trying to obtain sensitive information
Callers claiming to be the "telephone" company
Sudden increase in wrong numbers
7
7
Issue 1
April 1999
A-17