HPE Community
IP Telephony - VCX
1752781 Members
5691 Online
108789 Solutions
New Discussion

900 number fraud

 
SOLVED
Go to solution
Justin_Goldberg
Valued Contributor

‎12-06-2011 08:31 PM

‎12-06-2011 08:31 PM

900 number fraud

 

We have a customer who's been hit with unauthorized toll charges or
fraud. I believe they're getting in via voicemail, and dialing out to the
900 numbers. When this happened a few months ago, they changed all the
vpn passwords, we reassigned those physical phones which were associated
with the extensions that placed the calls, and changed all of the
voicemail pins. But it's happening again, so I believe they must be
getting in via voicemail.

900 numbers both 900*, 1900*, 91900* and 9900* are blacklisted in the CoS
elements.

How can I know if they're placing the calls via hacking someone's
voicemail and getting dial-tone or getting in through the vpn? The
extensions that placed the calls have had registrations disabled, so it
could possibly be someone spoofing (outpulsing their number) and dialing
the 900 numbers.

 

0 Kudos
1 REPLY 1
John_Katzmaier
Valued Contributor

‎12-28-2011 01:44 PM

‎12-28-2011 01:44 PM

Solution

Re: 900 number fraud

Hi,

 

There is a feature called Virtual Calling Card that is enabled by default to allow placing calls from voicemail. The number of digits allowed for Virtual Calling Card should be reduced to 3 or 4 to only allow internal calls to be placed. Additionally, reduce the number of minutes allowed to 0. The feature should remain in place for Auto Attendants, so they can transfer calls to extensions (as long as your Auto Attendants are configured for that function). For that reason, it is critically important to choose a very complex voicemail password for Auto Attendant mailboxes. For more information, consult the HP Knowlegebase. Recent versions of VCX software have an additional Voicemail password security feature, to enforce complex passwords for voicemail boxes.

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.