[VoiceOps] fraud protection
Scott Berkman
scott at sberkman.net
Mon May 14 15:33:50 EDT 2012
Ditto about Level 3 and XO, although in many cases their alerts are only an
hour or two behind us finding it.
One easy "tweak" that can help limit the impact of these is placing
concurrent call limits on International traffic in your switches or SBCs
based on your traffic trends. That way if you have sudden jump, not only is
there a cap on it, but in most systems you can be alerted that way as well.
-Scott
-----Original Message-----
From: voiceops-bounces at voiceops.org [mailto:voiceops-bounces at voiceops.org]
On Behalf Of Brandon Buckner
Sent: Monday, May 14, 2012 2:22 PM
To: voiceops at voiceops.org
Subject: Re: [VoiceOps] fraud protection
Level3 will notify us... about 24-48 hours after we've already discovered it
ourselves and taken appropriate action. ANPI is about at 4 hours or so.
Again, usually after we've already detected it. So while it's nice that
upstream carriers notify, it's usually well after a significant bill has
been racked up. It's best to be proactive on your own as much as possible.
I'm actively looking for more and better ways to be proactive ourselves
also. There are still some that get through the cracks now and then.
---
Brandon P. Buckner
-----Original Message-----
From: voiceops-bounces at voiceops.org [mailto:voiceops-bounces at voiceops.org]
On Behalf Of Eric Wieling
Sent: Monday, May 14, 2012 12:35 PM
To: Mark Kent; voiceops at voiceops.org
Subject: Re: [VoiceOps] fraud protection
Verizon Business, Level 3, and XO all notify us of possible fraud on
International calls, but I don't think they monitor for fraud on domestic
calls.
-----Original Message-----
From: voiceops-bounces at voiceops.org [mailto:voiceops-bounces at voiceops.org]
On Behalf Of Mark Kent
Sent: Monday, May 14, 2012 12:34 PM
To: voiceops at voiceops.org
Subject: [VoiceOps] fraud protection
Hello,
We just had an unfortunate compromise and racked up a large amount of calls
in a 12 hour period. The attack seems to be for financial gain in that the
most frequent destination is a conference call service in Poland, that
possibly keeps calls open waiting for a PIN to be entered.
Is there any basis for expecting that the upstream carrier should have some
protections that would limit our liability?
Thanks,
-mark
P.S. For those people who feel compelled to point out that we should have
(better) protection on our end: Yes, Thank you, message received!
_______________________________________________
VoiceOps mailing list
VoiceOps at voiceops.org
https://puck.nether.net/mailman/listinfo/voiceops
_______________________________________________
VoiceOps mailing list
VoiceOps at voiceops.org
https://puck.nether.net/mailman/listinfo/voiceops
_______________________________________________
VoiceOps mailing list
VoiceOps at voiceops.org
https://puck.nether.net/mailman/listinfo/voiceops
More information about the VoiceOps
mailing list