Preventing Toll Fraud

Theft of long-distance service, theft of telecommunications services and toll fraud take many different forms. Understanding your telecommunications system and the techniques used by criminals is key to limiting your vulnerability to this type of crime.


356平台 conducts network monitoring on a 7×24 basis for its own internal efficiency and productivity needs. If, in the course of that monitoring, suspect traffic patterns are detected from a customer's lines or services that may indicate toll fraud or hacking is taking place, 356平台 will take commercially reasonable steps to mitigate the customer's exposure to financial impact.

These steps may include:

  • Notifying the customer and/or their 356平台 representative
  • Temporary suspension of Long Distance service, in whole or in part, until the Customer Premise Equipment (CPE) is sufficiently secured. In extreme circumstances this suspension may take place without the customer's direct consent
  • Consultation with the customer on best practices for securing their CPE

The customer is fully responsible for all calls originating from their lines, services and/or CPE, regardless of who initiated those calls. If the CPE is hacked, the customer hereby accepts and acknowledges that said hacking resulted from a weakness or exposure in the CPE and did not result from any action or inaction taken or not taken by 356平台. The customer accepts complete responsibility for the maintenance and security of their own CPE, including but not limited to proper password management and restriction of unneeded international, operator-assisted or casual (1010) dialing unless otherwise specified by contract. Therefore, the customer accepts all responsibility for such calls and any fees, charges or expenses resulting from calls that result from their CPE security being breached or violated.

356平台 is not liable for any charges resulting from toll fraud or hacking incidents. In addition, 356平台 is not responsible or liable as a result of its fraud monitoring and/or network monitoring. Any detection of a fraud incident and any subsequent notifications or actions taken by 356平台 are provided as a value-added service and not in accordance with any obligation under an agreement between 356平台 and the customer. The network monitoring efforts are in no way to be understood or agreed to be an acceptance of responsibility on 356平台's part for a toll fraud or hacking incident or for charges that arise from such an incident.

  1. Know your telecommunications system:
  • Understand its security measures, built-in defenses and security features
  • Identify vulnerabilities
  • Ensure staff are trained in security safeguards and procedures
  • Evaluate legacy systems and replace/upgrade them where necessary
  2. Know the avenues that open the door to fraud:
  • IP routers
  • Open public port access
  • Voicemail systems
  • Simple passwords
  • Direct Inward System Access (DISA)
  • Remote system administration (maintenance ports)
  • Direct Inward Dialing (DID)
  • Tie trunks and tandem network services
  • Modems
  3. Monitor and analyze your system information:
  • Study call detail records and review billing records (exception reports may provide a warning sign)
  • Know your own calling patterns and review them
  • Review voicemail reports
  • Run IP access reports to detect unauthorized attempts to access your IP-based phone system
  • Monitor valid and invalid call attempts whenever possible
  • Study your phone bills
  4. Know the signs of a security breach:
  • Complaints that the system is always busy
  • Sudden changes in normal calling patterns, such as increases in wrong-number calls or silent hang-ups, night, weekend and holiday traffic, 800 and WATS calls, international calls, and odd calls (i.e. crank/obscene calls)
  • Long-distance calls from voicemail
  • Long hold times
  • Unexplained 900 (chat line) calls
  • High toll charges on any unauthorized trunk or extension
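The breach indicators above (off-hours traffic, international and 900 calls, long-distance calls placed from voicemail, long hold times) can be checked mechanically against a call detail record export, which is what the earlier "study call detail records" step and the later "analyze call activity details frequently" tip ask for. The following is an added example, not 356平台's own tooling; the CSV layout, business hours, extension names and the sample CDR lines are all constructed assumptions.

```python
import csv
from collections import Counter
from datetime import datetime
from io import StringIO

# Constructed sample CDR export (assumed columns: timestamp, source extension,
# dialed number, duration in seconds). Not real traffic.
SAMPLE_CDR = """\
timestamp,extension,dialed,duration
2024-03-01 10:12:03,1021,5551234567,184
2024-03-01 23:48:51,1021,01144207123456,912
2024-03-02 02:14:07,1021,01144207123456,1740
2024-03-02 03:02:19,VM01,19005551212,600
2024-03-03 14:30:00,1045,5559876543,60
"""

BUSINESS_HOURS = range(8, 18)   # assumed: 08:00-17:59 local time, Monday to Friday
LONG_HOLD_SECONDS = 1200        # assumed threshold for the "long hold times" indicator

def flag_call(ts, ext, dialed, duration):
    """Return the breach indicators from the checklist that a single call matches."""
    reasons = []
    when = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
    if when.weekday() >= 5 or when.hour not in BUSINESS_HOURS:
        reasons.append("off-hours")                 # night, weekend, holiday traffic
    if dialed.startswith(("011", "+")):
        reasons.append("international")
    if dialed.startswith(("1900", "1976", "900", "976")):
        reasons.append("premium-rate")              # unexplained 900 (chat line) calls
    if ext.startswith("VM"):
        reasons.append("voicemail-originated")      # long-distance calls from voicemail
    if int(duration) > LONG_HOLD_SECONDS:
        reasons.append("long-hold")
    return reasons

def analyze(cdr_text):
    """Parse a CDR export; return the flagged calls and an indicator score per extension."""
    flagged, per_ext = [], Counter()
    for row in csv.DictReader(StringIO(cdr_text)):
        reasons = flag_call(row["timestamp"], row["extension"], row["dialed"], row["duration"])
        if reasons:
            flagged.append((row["timestamp"], row["extension"], row["dialed"], reasons))
            per_ext[row["extension"]] += len(reasons)
    return flagged, per_ext

def suspects(per_ext, threshold=3):
    """Extensions whose accumulated indicator score warrants a closer look, highest first."""
    return [ext for ext, score in per_ext.most_common() if score >= threshold]
```

A real deployment would feed the PBX's actual CDR export and a holiday calendar into `flag_call`, and escalate the `suspects` list to whoever can suspend the affected trunk or extension.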


If you have an IP-enabled system:

Install a firewall:

  • Hardware or software; it inspects network traffic and denies or permits passage based on rules.
  • Firewalls are extremely important. A network-enabled PBX that is not behind a firewall will be hacked.
  • Web/SSH access should be allowed only through a whitelist.
  • SIP traffic should be monitored by a program that automatically bans offending IP addresses that are SIP-scanning the equipment for access.
  • Most IP PBX distributions today ship with an IP security program. If yours does not, ask your vendor for recommendations

Network-enabled PBX systems:

  • Confirm that the PBX software version is currently supported: a long-term support release for which security patches are regularly developed. Also make sure that the core system is updated and patched for vulnerabilities that are discovered and published.
  • If your software version is no longer supported, update or migrate to a newer version; otherwise you will not be able to obtain security patches for current and future exploits.
  • When calls are forwarded but the forwarding is not visible in the graphical user interface of the PBX administration, check the phone system database.
  • Identify the section that deals with call forwarding and look for any numbers or addresses that may have been call-forwarded. Attackers hide their call forwarding in the database, where most people never look.
  • Seriously consider consulting a certified professional for any installation, maintenance or security audit.
  • Do not allow public access to the system. Access should always go through a VPN with multi-factor authentication.
  • Access from public IPs and ports should be allowed only through a whitelist.

When a network PBX system is hacked:

  • If the web interface is exposed to the public internet, it will not matter how complex the administration login password is; the attackers will simply exploit the code of the interface to gain access and then dump every password.
  • In the event of a security breach it may be necessary to rebuild the system from scratch, including formatting the disk or reloading the factory image, if you have a trusted backup


Tips applicable to all systems:

System configuration:

  • Use account codes for all toll calling, or at a minimum for high-cost calling (international, Caribbean)
  • Use random generation and maximum length for authorization codes and passwords
  • Deactivate all unassigned authorization codes
  • Do not allow generic or group authorization codes
  • Restrict access to specific times (business hours). Block all long-distance calling at night, on weekends and on holidays
  • Restrict unneeded dial strings at the PBX level.
  • Restrict call forwarding to local calls, or ideally remove it entirely
  • Block all Operator Assist (0+), Conference or 3-way calling and 10XXXX calling from your PBX if this service is not necessary
  • Block, restrict access to, or require operator assistance for overseas calls
  • Establish policies on accepting collect calls and providing access to outside lines
  • Educate switchboard operators and employees about "social engineering" (i.e. con artists who try to obtain calling privileges or transfers through the PBX)
  • Secure equipment rooms (lock all telephone equipment & connection frames)
  • Run regular security audits to check for exploitable weaknesses in the PBX
  • Audit and change all active codes frequently
  • Restrict toll-free dialing from areas where there is no business requirement (this will likely need to be done through your carrier).
  • Do not allow through-dialing
  • Eliminate trunk-to-trunk transfer capability
  • Restrict all calls to 900, 976, 950 and 411
  • Restrict all possible means of out-dial (through-dial) capability in your voicemail system
  • Consider allowing only operator-assisted international calls
  • Analyze call activity details frequently to identify abnormal activity
  • If possible, disable DISA (Direct Inward System Access). If that is not possible, use the maximum number of digits for DISA codes
  • Deactivate unassigned voicemail boxes and DISA codes
  • To counter social engineering, make sure that system administration and maintenance telephone numbers are randomly selected, unlisted, and outside the normal sequence of other business numbers
  • Use multiple levels of security on maintenance access
  • Do not allow unlimited login attempts into the system. Program the PBX to terminate access after the third invalid attempt
  • Enable the system lock-out feature on voicemail; this allows only X password attempts before someone is locked out
  • Monitor call forwarding activity
  • Shred anything that lists PBX access numbers, passwords or codes
  • Never divulge system information unless you know who you are actually communicating with
  • Test all PBX voice menus to ensure there is no unintended routing or access exposure to outside lines or internal systems
  • Send e-mail reminders to all employees to change their voicemail passwords periodically
  • Change default voicemail passwords frequently
  • Do not use "alpha" passwords that spell common words or names
  • Remove/modify all default passwords
  • Immediately deactivate the passwords and authorization codes of known terminated employees
  • Change all passwords promptly when personnel change
  • Remove all former employees' voicemail and mail access privileges

Voicemail systems

  • Establish controlled procedures for setting and resetting passwords;
  • Change passwords regularly; MOST SYSTEMS HAVE FORCED PASSWORD CHANGES
  • Use maximum-length passwords on system manager boxes & maintenance ports;
  • Prohibit trivial, simple passwords (i.e. 222, 123, your last name, your local number, etc.);
  • Limit consecutive login attempts to no more than 3;
  • Change all factory-installed passwords;
  • Block access to long-distance trunking facilities and collect call options on the auto attendant;
  • Block or delete all inactive mailboxes;
  • Restrict outbound calling;
  • In systems that allow callers to transfer to other extensions, block any digits a hacker could use to reach an outside line, especially trunk access codes;
  • Perform routine checks of your system and its usage.
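The voicemail password rules above (no trivial PINs such as 222, 123, your last name or local number; no more than 3 consecutive attempts) and the system-configuration tips on "alpha" passwords that spell words or names and on terminating access after the third invalid attempt can be enforced at PIN-assignment time and at login. The following is an added example, not a PBX vendor's own code; the minimum length, the word list and the mailbox/extension values are constructed assumptions.

```python
import hmac

# Standard telephone keypad letters, used to detect "alpha" PINs that spell a word.
KEYPAD = {"2": "abc", "3": "def", "4": "ghi", "5": "jkl",
          "6": "mno", "7": "pqrs", "8": "tuv", "9": "wxyz"}
LETTER_TO_DIGIT = {c: d for d, letters in KEYPAD.items() for c in letters}

# Constructed word list; a deployment would use a dictionary plus the staff directory.
COMMON_WORDS = ("password", "secret", "hello", "smith")

def spells(pin, word):
    """True if typing 'word' on a phone keypad produces exactly this PIN."""
    return len(word) == len(pin) and all(
        LETTER_TO_DIGIT.get(c) == d for c, d in zip(word.lower(), pin))

def weak_pin_reasons(pin, extension, min_len=6, words=COMMON_WORDS):
    """Return every checklist rule the proposed PIN violates (empty list = acceptable)."""
    if not pin.isdigit():
        return ["not numeric"]
    reasons = []
    if len(pin) < min_len:
        reasons.append("too short")
    if len(set(pin)) == 1:
        reasons.append("repeated digit")            # e.g. 222222
    steps = {int(b) - int(a) for a, b in zip(pin, pin[1:])}
    if steps in ({1}, {-1}):
        reasons.append("sequential")                # e.g. 123456 or 654321
    if extension in pin:
        reasons.append("matches extension")         # the mailbox's own local number
    reasons += [f"spells '{w}'" for w in words if spells(pin, w)]
    return reasons

class VoicemailLogin:
    """Mailbox login with the 3-strike lockout the checklist calls for."""
    def __init__(self, pins, max_attempts=3):
        self.pins, self.max_attempts = pins, max_attempts
        self.failures, self.locked = {}, set()

    def attempt(self, mailbox, pin):
        """Return 'ok', 'denied' or 'locked'; a locked box stays locked until reset."""
        if mailbox in self.locked:
            return "locked"
        if hmac.compare_digest(self.pins.get(mailbox, ""), pin):
            self.failures[mailbox] = 0
            return "ok"
        self.failures[mailbox] = self.failures.get(mailbox, 0) + 1
        if self.failures[mailbox] >= self.max_attempts:
            self.locked.add(mailbox)                 # administrator reset required
            return "locked"
        return "denied"
```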