Security Of Your System: Preventing Toll Fraud - AT&T MERLIN LEGEND Release 3.1 System Programming Manual

Customer Support Information
Security of Your System:
Preventing Toll Fraud
As a customer of a new telephone system, you should be aware that there is an
increasing problem of telephone toll fraud. Telephone toll fraud can occur in
many forms, despite the numerous efforts of telephone companies and
telephone equipment manufacturers to control it. Some individuals use electronic
devices to prevent or falsify records of these calls. Others charge calls to
someone else's number by illegally using lost or stolen calling cards, billing
innocent parties, clipping on to someone else's line, and breaking into someone
else's telephone equipment physically or electronically. In certain instances,
unauthorized individuals make connections to the telephone network through the
use of the Remote Access features of your system.
The Remote Access features of your system, if you choose to use them, permit
off-premises callers to access the system from a remote telephone by using a
telephone number with or without a barrier code. The system returns an
acknowledgment signaling the user to key in his or her barrier code, which is
selected and administered by the system manager. After the barrier code is
accepted, the system returns dial tone to the user. In Release 3.1 and later
systems, barrier codes are by default restricted from making outside calls. In
prior releases, if you do not program specific outward calling restrictions, the
user will be able to place any call normally dialed from a telephone associated
with the system. Such an off-premises network call is originated at, and will be
billed from, the system location.
The Remote Access feature, as designed, helps the customer, through proper
administration, to minimize the ability of unauthorized persons to gain access to
the network. Most commonly, phone numbers and codes are compromised
when overheard in a public location, through theft of a wallet or purse containing
access information, or through carelessness (for example, writing codes on a
piece of paper and improperly discarding it). Additionally, hackers may use a
computer to dial an access code and then publish the information to other
hackers. Enormous charges can be run up quickly. It is the customer's
responsibility to take the appropriate steps to properly implement the features,
evaluate and administer the various restriction levels, protect access codes, and
distribute access codes only to individuals who have been fully advised of the
sensitive nature of the access information.
Common carriers are required by law to collect their tariffed charges. While
these charges are fraudulent charges made by persons with criminal intent,
applicable tariffs state that the customer of record is responsible for payment of
all long-distance or other network charges. AT&T cannot be responsible for such
charges and will not make any allowance or give any credit for charges that
result from unauthorized access.
System Programming
A–9