Search of Knowledge Base Library of Articles & Videos:  
You are here: Knowledge Base > Installation
Fraudulent Call Mitigation For Phone Systems
Last Updated: 01/13/2012

Fraudulent Call Mitigation For Phone Systems

 

Recently, phone companies have increasingly been warning their customers about criminal activity targeting phone systems of all brands for fraudulent usage. Some of your TalkSwitch® customers may express concerns about their security triggered by these warnings.

 

You can assure your customers with confidence that TalkSwitch systems have a number of built-in security features that prevent fraudulent and unauthorized use.

 

This is a list of recommendations and best practices that you can share with concerned customers so they can ensure maximum security for their TalkSwitch systems.

 

Auto Route Selection

Configure Auto Route Selection to block international, toll charge and 900 numbers from being called. The best practice is to block any user who doesn't need to call these numbers to prevent anyone, including after hours staff or cleaners, from making charged calls.

See this link for details on how to block international calls:
 

 

Administrative Password

Ensure the system's administrative password is set, and change it regularly to prevent the possibility of abuse.
 
This is found in the TalkSwitch Management Software under Administration.

 

Voicemail Passwords

Ensure that all voice mailboxes are configured with 8-digit passwords to prevent unauthorized users from changing greetings or accessing messages. It is impossible to make calls from unauthorized voicemail access in a TalkSwitch system, but some phone company warnings have highlighted voicemail because of vulnerabilities in the PBXs of other manufacturers.
 
Each user can dial into their personal voicemail or you can dial ** + extension number from any phone to access the voicemail box (if using Direct Line Access there is an additional ** needed from an IP phone prior to doing this).

 

Unused Extensions

If an extension is not in use, disable it in the TalkSwitch Management Software.
 
See below for instructions on how to do this:
 

 

Common Area Phones

Remove line appearance keys from phones in common areas, and restrict outbound calling on them. Courtesy phones are the greatest risk, along with lunchroom phones and phones in areas the public can access.

 

Call Back/Call Bridge Passwords

Configure 8-digit passwords on any enabled call back/call bridge account, and use ARS to block calls with charges.

 

Call Detail Record Logging

Enable CDR to keep records of all calls, including calls that were attempted but blocked by ARS. The records show call times and extensions used.
 
This is enabled by clicking on Tools > Call Logging Output (CDR) and a new window will open.  On the drop down box on the top change from Deactivated to Store to file on TalkSwitch.  Click OK then File > Save.  You can access the CDR log through this window in the future by clicking View CDR Log under Logging.

 

EyeBeam/Xlite passwords

If you use these applications, change the default passwords. Always use the longest possible string and greatest possible variety of types of characters.

 

The Latest Software

Ensure you're running the most current version of the TalkSwitch Management Software to take full advantage of all security features.

 

 

If you have concerns about particular customers who have detected suspicious traffic, there are further protective steps you can take:

 

1. Disable TalkSwitch as Network Proxy/Registrar

If the customer isn't using VoIP branch to branch, this will result in negative responses to registration requests.

 

2. Disable UPnP

If the user has a VoIP-enabled unit but isn't using VoIP, this will prevent ports from being opened.

 

3. Change the SIP signaling port

If a user gets flooded by traffic, change the SIP signaling port. Most scanners search only on 5060. 



Was this article helpful?

Comments:
 

Related Articles
 > Issues dialing out - Message from Phone Company
 > Adding Telephone Lines
 > Line Calibration / Optimization
 > Configuring an External IP Phone
 > Using the TS-350i / TS-550i Phones (User Guides)
 > Using TS-9133i or TS-9143i or TS-9112i or TS-480i Phones (User Guides)
 > Cannot Connect Through the TalkSwitch Management Software
 > Phone Utility - Upgrade Firmware
 > Extension Can't Receive Calls
 > Can't Make or Receive Calls From Extension
 > Can't Access Voicemail
 > Static/Echo/Low Audio on the Phones
 > Talkswitch / Fortivoice 350i or 550i IP Phone Not Booting Up
 > How to Delete a Voice Mailbox Password or Reset Voice Mailbox
 > Update the phone system Firmware Manually
 > How to Update the TalkSwitch Management Software and Firmware
 > Caller ID for VoIP Numbers
 > Adding TS-350i, TS-450i, and TS-550i IP Phones
 > No Date and Time Stamp in Voicemail
 > Unable to Dial Out - Access Code Message
 > Configuring Analog Telephone Lines
 > Adding WAV Files to TalkSwitch System
 > VoIP Caller ID
 > Programming TS-9133i or TS-9143i Function Keys
 > Programming TS-480i Softkeys
 > Programming TS-450i Function Keys
 > Programming TS-350i Function Keys
 > Programming TS-550i Function Keys
 > Configuring an Auto Attendant Menu
 > Web Recovery Solution
 > Activating the PowerPack
 > Adding an Additional TalkSwitch Unit to the Network
 > Adding Remote Extensions (To Call Outside Cell Phones or Land Lines)
 > Setting up Call Handling (Local/Remote Extensions)
 > Configuring Auto Route Selection (ARS) to Block International Calling
 > Deactivating Users and Extensions
 > How to Reset Talkswitch Configuration Password
 > Changing the Date and Time of the TalkSwitch System
 > TS-450i/TS-550i Phone Locked (Screen is blank)
 > Unable to Log into BestDealTalk.com Account
 > IP phone Blinking Red and Yellow
 > Accessing Voice Mailbox from Outside Line
 > Static on the Line (Hardware Troubleshooting)
 > TS-850i Error: "No IP address" and "Ethernet disconnected"
 > On-Hold/Ringback Options
 > Using the Phonebook Directory via TalkSwitch Handset
 > Unable to Obtain IP Address
 > IP Phone Will Not Register
 > Ring Settings
 > Ring Settings
 > Defaulting/Rebooting TS-9133i Phone
 > Using GMX.com as Your E-mail Server
 > Setting up Email Service
 > Backing up you Talkswitch Configuration
 > Registering your Fortivoice / Talkswitch System
 > Best Deal Talkswitch - Technical Support Plans
 > Talkswitch Firmware Upgrades
 > Talkswitch Static (Gigabit Switch connection)
 > CP Log
 > Programming a Grandstream IP phone
 > CONFIGURING THE ROUTER
 > Talkswitch System Set-up Assistance, Administrator Training and Customonization Support
 > Answering additional incoming call with a call pickup
 > Internal Extensions Busy/ Going to Voicemail
 > Using command mode from an analog phone to retrieve the Talkswitch PBX IP address
 > LINE HUNT GROUPS
 > Rebooting a TalkSwitch Unit
 > Lights Blinking Left to Right on TalkSwitch Unit
 > Auto Attendant, Call Forwarding, and Voicemail Not Working- Language Options Problems
 > Bluetooth Pairing Issues
 > 860I handset and base pairing / registration issues
 > Configuring a Polycom SoundStation IP 6000 conference phone
 > Connecting PA system for overhead paging
 > Refuse Call Softkey Button
 > Forinet Voice System has an IP address of 0.0.0.0
 > 350I, 450I, 550I Firmware Recovery
 > TalkSwitch TS-850i or TS-860i IP phone randomly displays Ethernet Disconnected
 > Fortivoice Console dropping or losing calls
 > Polycom IP Phones
 > Date and Time issue on TalkSwicth / FortiVoice systems
 > Updating the Fortivoice Management Software and Firmware
 > Configuring an 860I as an external IP extension
 > Using X-Lite softphone with a Talkswicth / Fortivoice system
 > Fortivoice Management Software Line Optimization Issue
 > 860I wireless base station is not receiving an IP address
 > Cannot connect with management software due to IP address
 > SIP / Internet telephone connection issues
 > Talkswitch Auto-Discovery not working
 > Fortivoice 60 series IP phones and TalkSwitch compatibility
 > Transferring a console license to a new system
 > Manual firmware update for Fortivoice 350I/450I/550I Phones
 > Fon-360I phone randomly disconnects or just quit working
 > FortiVoice 350i telephone officially discontinued, x60I Series compatibility.
 > FortiVoice Click to Dial Software
 > FortiVoice Console Download and Configuration
 > FON-860i handset battery replacement
 > Resetting an Fortivoice FVC System to Factory Defaults
 > FortiVoice FON-870i phone system compatiblity
 > Error Message when opening Tallkswitch management software 6.12
 > IP Phone / Extension not working "User Busy"
 > Voice Mail Box prompts issue
 > Voice mail softkey missing on FON-360i, 460i and 560i phones
 > Changing Unit ID of a Talkswitch / Fortivoice System