Background


This topic describes toll fraud scenarios and prevention measures.

Toll Fraud Scenarios

• Theft of the administrator account and password

A user illegally obtains the administrator account and password, logs in to the device as the administrator, and modifies configuration data, such as the number, trunk, and call detail record (CDR) configurations. By configuring the required number and trunk and disabling the CDR function, the unauthorized user can make fraudulent calls for which no CDR will be generated.

• Transfer by the automatic switchboard

As shown by line (1) in Figure 1, outer-office user B dials the automatic switchboard number of the company with the unified gateway A deployed, and dials user C's number when hearing an announcement or a two-stage dialing tone. If the call is connected by the automatic switchboard, user B is charged only for a local call, while the company must pay the toll call fee.

• Transfer through a trunk

As shown by line (2) in Figure 1, outer-office user C dials the incoming prefix configured on the unified gateway A, the outgoing prefix for making calls from the unified gateway A to the unified gateway B, and a toll number in sequence to make a toll call. For example, if 0 is the incoming prefix configured on the unified gateway A, and 00 is the outgoing prefix for making calls from the unified gateway A to the unified gateway B, user C can dial 0+00+123456789 to make a call to toll number 123456789.

• Unauthorized registration

As shown by line (3) in Figure 1, an unauthorized user who registers with the unified gateway B by impersonating a registered user makes a call to outer-office user D. The call is completely free of charge to the unauthorized user.

• Misuse of call forwarding services

As shown by line (4) in Figure 1, user B illegally obtains the administrator account and password for logging in to the unified gateway A, or user A's self-service account and password, and enables the call forwarding unconditional (CFU) service for user A with user C's number configured as the forwarded-to number. When user B makes a call to user A, the call is forwarded to user C regardless of user A's status. User B pays only the local call fee to get connected to user C, while the company must pay the toll call fee.

Figure 1 Toll fraud scenarios


Recommended Prevention Measures

1. Prevent theft of the administrator right.

If an unauthorized user obtains the administrator right, configuration data may be modified and the other prevention measures take no effect.

• Isolate private and public networks.

• Configure the administrator whitelist.

• Configure the user login right and login authentication.

2. Prevent calls from being transferred through a trunk and the VU.

The unified gateway determines whether the call rights of the calling party meet the prefix call attributes.

Figure 2 Determining calls over a trunk or the VU


Configure data on the unified gateway to prevent call fraud.

• Configure the prefix call attribute.

• Configure the call-out right.

• Configure the maximum number length for the VU.

• Configure the VU call-out right.

3. Prevent registration or login of unauthorized users.

With measures 1 and 2 in place, also prevent SIP UE users from registering with the unified gateway or logging in to the self-help service without authorization. Configure an IP whitelist so that users whose IP addresses are not in the whitelist cannot initiate registration to the unified gateway. If no IP whitelist is configured, unauthorized users can initiate registration to the unified gateway through the IP network; configuring password authentication during digit allocation makes such registration difficult. Unauthorized users can also log in to the self-help service through the IP network; changing the self-help service password makes such login difficult.

• Configure the IP whitelist.

• Configure password authentication for digit allocation.

• Change the self-help service password.

4. Configure call forwarding to prevent call fraud.

When the preceding measures are taken, properly configure the call forwarding service to prevent unnecessary call forwarding and save enterprise costs.

5. Limit the toll call duration and maximum number of concurrent toll calls.

• Limiting the toll call duration

The administrator can set the upper limits for each national toll call and international toll call to control the call costs of each user. When a user makes a national or international toll call, the call will be terminated and the user's national or international toll call rights will be locked if the duration of this call exceeds the upper limit. The user needs to ask the administrator to manually unlock the rights.

• Limiting the number of concurrent international toll calls

If the number of concurrent international toll calls made within a minute in the local office exceeds the upper limit, the system terminates all ongoing international toll calls and prohibits new international toll calls. Users cannot make international toll calls until the administrator manually unlocks the corresponding rights.
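The two limits in measure 5 behave like a small state machine with locks that only an administrator can clear. The following Python model is an added illustration, not code or configuration from the unified gateway; the class and method names, the 60-second sliding window used for "within a minute", and the treatment of the call that crosses the limit as rejected are all assumptions.

```python
class TollLimiter:
    """Toy model of both limits; names and the 60 s window are assumptions."""
    def __init__(self, max_seconds, max_intl_per_minute):
        self.max_seconds = max_seconds        # e.g. {"national": 1800, "international": 600}
        self.max_intl = max_intl_per_minute
        self.locked = set()                   # (user, call_type) rights locked per user
        self.office_intl_locked = False       # office-wide international lock
        self.active = {}                      # call_id -> (user, call_type, start_time)
        self.intl_starts = []                 # start times of recent international calls

    def start(self, call_id, user, call_type, now):
        if (user, call_type) in self.locked:
            return "rejected: user right locked"
        if call_type == "international":
            if self.office_intl_locked:
                return "rejected: office locked"
            self.intl_starts = [t for t in self.intl_starts if now - t < 60] + [now]
            if len(self.intl_starts) > self.max_intl:
                # Over the limit: drop every ongoing international call and lock.
                self.active = {c: v for c, v in self.active.items()
                               if v[1] != "international"}
                self.office_intl_locked = True
                return "rejected: limit exceeded"
        self.active[call_id] = (user, call_type, now)
        return "connected"

    def tick(self, now):
        """Terminate calls past their duration limit and lock the caller's right."""
        dropped = []
        for cid, (user, ctype, start) in list(self.active.items()):
            if now - start > self.max_seconds[ctype]:
                del self.active[cid]
                self.locked.add((user, ctype))
                dropped.append(cid)
        return dropped

    def unlock_user(self, user, call_type):
        self.locked.discard((user, call_type))    # manual administrator action

    def unlock_office(self):
        self.office_intl_locked = False           # manual administrator action
        self.intl_starts.clear()

def burst_demo():
    """Constructed burst: four international calls in 30 s against a limit of 3."""
    lim = TollLimiter({"national": 1800, "international": 600}, 3)
    results = [lim.start(i, f"user{i}", "international", i * 10) for i in range(4)]
    return results, sorted(lim.active), lim.start(9, "user9", "international", 500)
```

In the constructed burst, the fourth call trips the office-wide lock, the three connected calls are dropped, and a call attempted minutes later is still refused because only `unlock_office()` clears the lock.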

6. Configure the maximum number length for a prefix.

To prevent unauthorized users from making toll fraud calls by adding number prefixes (such as the nested dialing prefix 9+17909), you are advised to configure different number lengths for different call properties. In V2.0 and later versions, the default maximum number lengths are as follows: 32 for intra-office calls, 13 for national toll calls, 32 for international toll calls, and 12 for local calls, local regeneration calls, local inter-office calls, and intra-office or local calls.
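The checks described in measures 2 and 6 (comparing the calling party's call rights with the prefix call attribute, and capping the number length per call property) can be modelled as follows. This is an added illustration in Python, not the unified gateway's own logic or configuration syntax; the prefix table, the caller names, the ordering of call attributes, and the assumption that the incoming prefix 0 is consumed before matching are all hypothetical. Only the default maximum lengths come from this page.

```python
from dataclasses import dataclass

# Call attributes from least to most privileged (ordering is an assumption).
RANK = {"intra-office": 0, "local": 1, "national": 2, "international": 3}
# Default maximum number lengths this page gives for V2.0 and later.
MAX_LEN = {"intra-office": 32, "local": 12, "national": 13, "international": 32}
# Constructed prefix table: prefix -> call attribute (hypothetical values).
PREFIXES = {"6": "intra-office", "9": "local", "00": "national"}

@dataclass(frozen=True)
class Caller:
    name: str
    call_out_right: str   # highest call attribute this party may dial

def match_prefix(dialed):
    """Longest-prefix match over the configured prefixes."""
    hits = [p for p in PREFIXES if dialed.startswith(p)]
    return max(hits, key=len) if hits else None

def authorize(caller, dialed):
    """Return (allowed, reason) for one call attempt."""
    prefix = match_prefix(dialed)
    if prefix is None:
        return False, "no matching prefix"
    attr = PREFIXES[prefix]
    if len(dialed) > MAX_LEN[attr]:
        return False, f"number longer than {MAX_LEN[attr]} digits for {attr} calls"
    if RANK[caller.call_out_right] < RANK[attr]:
        return False, f"{caller.name} lacks {attr} call-out right"
    return True, f"{attr} call permitted"

# Constructed parties: an office user, gateway A's incoming trunk, and the VU.
OFFICE_USER = Caller("user A", "national")
INCOMING_TRUNK = Caller("incoming trunk", "intra-office")
VU = Caller("VU", "intra-office")

if __name__ == "__main__":
    attempts = [
        (OFFICE_USER, "00123456789"),         # ordinary toll call by an entitled user
        (INCOMING_TRUNK, "00123456789"),      # 0+00+123456789 arriving over the trunk
        (VU, "6123"),                         # switchboard transfer to an extension
        (VU, "00123456789"),                  # switchboard transfer to a toll number
        (OFFICE_USER, "91790900123456789"),   # nested 9+17909 prefix behind a local prefix
    ]
    for caller, dialed in attempts:
        print(caller.name, dialed, authorize(caller, dialed))
```

With the trunk and the VU restricted to intra-office call-out rights, the trunk and switchboard transfers to the toll number are refused, and the nested-prefix number is refused on length alone even though the caller holds national rights.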

7. Deploy the CDR server.
