[VoiceOps] A question about some international calling fraud to Eritrea

Matt Yaklin myaklin at g4.net
Fri Apr 16 19:50:29 EDT 2010

On Fri, 16 Apr 2010, Paul Timmins wrote:

> Can Fairpoint take the originating trunk group information and date from the 
> LD carrier and correlate them in their cabs records to determine the 
> originating trunk group / line?

That is exactly what we plan to do as the next step. We are asking our
long distance carrier for more information. As in the raw CDRs and a
bit of assistance from them on what value the trunk number matches up
to their circuits from Fairpoint, etc...

I am not sure if any of you have worked with Fairpoint since they bought
out some of Verizon but it is not very much fun to say the least. An ILEC
is a beast to begin with but then add in a buy out that did not go very
smoothly... sigh.

Thanks Paul for the advice.

matt at G4.net

> -Paul
> Matt Yaklin wrote:
>> Hey all,
>> I will try to explain this the best I can.
>> We got a call from one of our long distance carriers today telling us
>> that we had a spike of long distance international calls going through
>> their switch. These calls were to Africa and the country name is Eritrea.
>> The originating number is a customer of ours. The trick is that this
>> customer uses resold ILEC POTs lines that has their long distance calls
>> PIC'd to the carrier who called to warn us about the spike of odd call
>> traffic.
>> This customer of ours happens to be a large agency in NH who has the
>> ability to look at CDRs directly from the 5ESS in Concord, NH. A rather
>> special situation to say the least.
>> They can state, with quite a bit of assurance, that these calls were not
>> generated from their PBX/network as they cannot see any records for them.
>> Also, as I checked earlier, these calls did not go through any of my
>> switches/asterisk servers.
>> So the customer and I are left wondering how these calls managed to get
>> to this long distance carrier who warned us about the spike. The calls
>> came into this long distance carrier from the Manchester, NH Fairpoint
>> tandem.
>> Naturally we will try to contact Fairpoint for assistance but I am not
>> very hopeful at this point they will be much help.
>> The long distance carrier who warned us tends to think that the calls
>> were generated by our customer who has something SIP/PBX insecure but when
>> the customer has a link to look at CDR records right from the 5ESS he
>> is rather sure that is not the case.
>> I am trying to figure out creative ways this fraud can be happening if
>> the customer is not at fault. One way is for a person who owns/operates
>> a full blown switch to generate this type of fraud but it does seem
>> unlikely.
>> Any suggestions what I should be asking the long distance carrier who
>> warned us about this?
>> Any suggestions on how this type of fraud can be committed without
>> the customer being the cause?
>> Should I be grilling our customer one more time stating that since
>> the originating number was theirs AND that it was PIC'd to the right
>> long distance carrier... it is hard to imagine that someone could
>> duplicate this fraud that easily?
>> Thank you for your time. I hope I was clear enough to give you an
>> idea of what is going on.
>> matt at g4.net
>> _______________________________________________
>> VoiceOps mailing list
>> VoiceOps at voiceops.org
>> https://puck.nether.net/mailman/listinfo/voiceops

More information about the VoiceOps mailing list