Re: Call Fraud

mpc_netsupport · ‎10-16-2018

Hi Team,

We have an issue with one of of customer, they had fraud call with high duration even until about 7 - 8 hours (on the same time and Phone)

The outbound call using FXO, and attached the show run

Mohammed al Baqari · ‎10-16-2018

What is required

Daniele Giordano · ‎10-16-2018

Hi, you can follow this guide to made the system more secure:

https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucme/admin/configuration/manual/cmeadm/cmetoll.pdf

Anyhow, my personal suggestions are:

1) do not expose the system to internet if it's not mandatory

2) protect the system with ACL to avoid access from third party or external attackers

3) block all 'premium' or 'expensive destinations'

4) use always authentication communications with very strong password

5) patch the system using last release

6) block international destinations using PIN

7) ask to your provider to block premium and expensive destinations

Regards.

Dennis Mink · ‎10-16-2018

Before you implement all these items I suggest you find out how they were able to make these scripted flag fall calls. because you might have an exploit that you are not aware of.

Have you got any idea how these calls were made, I mean you know the outbound path. i.e. through the FXO port, but how was this triggered from external, have you got a VCS expressway pair by any chance?

Please remember to rate useful posts, by clicking on the stars below.