Geekzone: technology news, blogs, forums


#21150 17-Apr-2008 10:12


I read that Testra customers in Aussie have been hit by phone scams and big bills.

Can the VFX system be subject to scam systems?

What protection exists?

Can a user be protected from scamming bills?

Can a user set a cap with VFX to prevent a phone bill run-away?

Cheers





Gordy

 

My first ever AM radio network connection was with a 1MHz AM crystal(OA91) radio receiver.


  #124318 17-Apr-2008 10:42

Read Telstra...




Gordy

 



 
 
 

freitasm
BDFL - Memuneh
78947 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

#124320 17-Apr-2008 10:47

What kind of scams? The VFX service uses certified hardware, locked to their MAC addresses and other configuration settings. Pretty hard for the usual scammer who probably wants a fast buck on stolen calls - it would be a lot more effort than the return I guess.






  #124350 17-Apr-2008 11:43


Hacking into phone systems... and it is to do with cards.

Probably news media inflation...

Link to NZ Herald item:

http://www.nzherald.co.nz/section/story.cfm?c_id=5&objectid=10504614





Gordy

 





joshp
205 posts

Master Geek

Trusted
WorldxChange

  #124358 17-Apr-2008 12:00

Security of a customer's PABX is solely up to the customer, short of applying toll bars on a customer's account there is not much we can do. We do however set a credit limit on your account at which point if the total bill amount is over this limit your number will be blocked on our system.. if you wish to set this limit to a level that you are comfortable with you should be able to ring through to our helpdesk/customer service to have this set for you.

Sorry I should also point out in here.. VFX is locked down for these reasons exactly.. we control the configuration and the auth details to avoid things like this from happening, if you have VFX on your Asterisk box however it is up to you to ensure that it is protected.

Hope this helps.

Cheers

Josh




DribblingBadger
9 posts

Wannabe Geek


  #124403 17-Apr-2008 15:21

I spent several years consulting on voice security in the UK for the likes of the Ministry of Defence, UN, local government, law enforcement agencies and private companies. Although my consultancy covered all aspects of voice security such as call encryption, eavesdropping and war-dialling, a large section of my work was around discovering, quantifying and preventing toll fraud. This is exactly the type of scam that has been publicised in this morning's Herald.

In short the fraud is usually achieved by dialling into a PABX that is local to you and then dialling out to an international destination from the PBX. You pay for a local call and the PBX owner pays for the second leg international call. The facility to do this is usually called DISA (direct inward subscriber access) and used to be very popular when international calls were still considered expensive. The legitimate use for such a facility would usually be something like 'company A does a lot of business with company B in the UK. Executives at company A need to call Company B a great deal in the middle of the night. Rather than incur large toll bills on the executives' home numbers we will use DISA.'

DISA is not so popular these days as companies freely give mobile phones to their users, plus international calls have come down enormously in the last 10 years.  If DISA is required (as it can be used for other purposes) then as with all these things it needs to be configured correctly.

1. Authentication through CLI
2. password authentication should lock users out after 3 attempts
3. the lock out should reset after X minutes
4. if 3 more failed attempts are made then the lock out time should double i.e. 2 x X
5. regular daily reporting needs to be performed on that DISA number to monitor for fraud
6. thresholds should be applied to the facility so that 1,000's of calls/dollars cannot be racked up in a single night
7. staff such as operators need to be educated about transferring external callers to external numbers.

Telstra and WxC are correct when they say it is the customer's responsibility to ensure that their PABX is configured correctly against toll fraud. HOWEVER, I personally believe that all telcos have the responsibility to monitor circuit usage and when obvious fraud is occurring the ability to shut that circuit down. BT resisted this for years, but once one of their competitors offered the service then everyone started to.


Incidentally, the largest fraud I ever discovered was over £1,000,000  that the customer knew nothing about as they didn't report on / check their bills. And that was a police force !!!!


cheers

db
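
The lockout and threshold rules in the list above (items 1 to 4 and 6), as an added example that is not part of the original post or any vendor's code. The `DisaGate` class, the 15-minute value for X, the dollar cap, the constructed phone number in the test, and the choice to keep doubling past 2X and to clear history on a successful login are all assumptions.

```python
import hmac
from dataclasses import dataclass

MAX_ATTEMPTS = 3          # item 2: lock out after 3 failed attempts
BASE_LOCKOUT_S = 15 * 60  # item 3: "X minutes"; 15 is an assumed value


@dataclass
class CallerState:
    failures: int = 0         # failed attempts since the last lockout or success
    lockouts: int = 0         # consecutive lockouts; drives the doubling in item 4
    locked_until: float = 0.0


class DisaGate:
    """Hypothetical PIN gate for a DISA line, keyed by the caller's CLI."""

    def __init__(self, pins, nightly_cap_dollars=50.0):
        # item 1: only known CLIs may try a PIN. CLI can be spoofed, so it
        # narrows who may attempt a PIN; it does not replace the PIN.
        self.pins = pins
        self.cap = nightly_cap_dollars   # item 6: assumed spend threshold
        self.spent = 0.0
        self.state = {}

    def authenticate(self, cli, pin, now):
        if cli not in self.pins:
            return "rejected-cli"
        st = self.state.setdefault(cli, CallerState())
        if now < st.locked_until:
            return "locked"              # attempts during a lockout are not evaluated
        if hmac.compare_digest(pin, self.pins[cli]):
            st.failures = st.lockouts = 0   # assumption: success clears the history
            return "ok"
        st.failures += 1
        if st.failures >= MAX_ATTEMPTS:
            # X, then 2X, then 4X: doubling continues for each further lockout
            st.locked_until = now + BASE_LOCKOUT_S * 2 ** st.lockouts
            st.lockouts += 1
            st.failures = 0
            return "locked"
        return "denied"

    def authorise_call(self, estimated_cost):
        """Refuse the outbound leg once the nightly spend cap would be exceeded."""
        if self.spent + estimated_cost > self.cap:
            return False
        self.spent += estimated_cost
        return True
```
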


nate
6472 posts

Uber Geek

Retired Mod
Trusted
Lifetime subscriber

  #124465 17-Apr-2008 18:40

Just like having a www/email/ftp server open to the world, keeping a close eye on your logs will keep you out of trouble.


Niel
3267 posts

Uber Geek

Trusted

  #124488 17-Apr-2008 19:12

...except that with a "simple" phone line you do not expect customers to know about even the simplest of security measures.  On credit cards they will monitor your purchases and either contact you or block unusual purchases.  I'm sure WxC has thought of this and many other things, but locking down the device and MAC address is probably the most effective/economical way of doing it.




You can never have enough Volvos!




  #124535 17-Apr-2008 21:10


It is good to have the experience of DribblingBadger explain the fraud mechanics.

It is reassuring to know that ordinary users of WxC have no real worries with the security measures that are in place.

Cheers

Gordy







