[VoiceOps] A question about some international calling fraud to Eritrea

[Paul Timmins]

Can Fairpoint take the originating trunk group information and date from 
the LD carrier and correlate them in their cabs records to determine the 
originating trunk group / line?

-Paul


Matt Yaklin wrote:
>
> Hey all,
>
> I will try to explain this the best I can.
>
> We got a call from one of our long distance carriers today telling us
> that we had a spike of long distance international calls going through
> their switch. These calls were to Africa and the country name is Eritrea.
>
> The originating number is a customer of ours. The trick is that this
> customer uses resold ILEC POTs lines that has their long distance calls
> PIC'd to the carrier who called to warn us about the spike of odd call
> traffic.
>
> This customer of ours happens to be a large agency in NH who has the
> ability to look at CDRs directly from the 5ESS in Concord, NH. A rather
> special situation to say the least.
>
> They can state, with quite a bit of assurance, that these calls were not
> generated from their PBX/network as they cannot see any records for them.
>
> Also, as I checked earlier, these calls did not go through any of my
> switches/asterisk servers.
>
> So the customer and I are left wondering how these calls managed to get
> to this long distance carrier who warned us about the spike. The calls
> came into this long distance carrier from the Manchester, NH Fairpoint
> tandem.
>
> Naturally we will try to contact Fairpoint for assistance but I am not
> very hopeful at this point they will be much help.
>
> The long distance carrier who warned us tends to think that the calls
> were generated by our customer who has something SIP/PBX insecure but 
> when
> the customer has a link to look at CDR records right from the 5ESS he
> is rather sure that is not the case.
>
> I am trying to figure out creative ways this fraud can be happening if
> the customer is not at fault. One way is for a person who owns/operates
> a full blown switch to generate this type of fraud but it does seem
> unlikely.
>
> Any suggestions what I should be asking the long distance carrier who
> warned us about this?
>
> Any suggestions on how this type of fraud can be committed without
> the customer being the cause?
>
> Should I be grilling our customer one more time stating that since
> the originating number was theirs AND that it was PIC'd to the right
> long distance carrier... it is hard to imagine that someone could
> duplicate this fraud that easily?
>
> Thank you for your time. I hope I was clear enough to give you an
> idea of what is going on.
>
> matt at g4.net
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
>