[VoiceOps] Interesting lead on international fraud

PE peeip989 at gmail.com
Tue May 14 15:07:37 EDT 2013 

J,

Is there an easy way to get the data from the twitter feed in a list
format? This is great info. Thanks


On Mon, May 13, 2013 at 12:57 PM, J. Oquendo <joquendo at e-fensive.net> wrote:

> A while back, when I started streaming to Twitter
> (https://twitter.com/efensive) I had wanted to post the
> numbers being dialed by fraudsters so that others would
> be able to see these numbers and block them. Difficult
> to get a list of numbers called, in fact, I would hope
> that no one would have a number to add, as that would mean
> one was compromised. However, if anyone wants to share
> #'s being dialed fraudulently, I will add them to the
> Twitter stream and perhaps make an all inclusive list
> freely available.
>
> I added a few here and there, but I have also taken a lot
> of proactive steps to reduce fraud. (Hello Jim and others
> at Transnexus ;)) This is what I (we were I work) have
> done.
>
> I parse the logs on my SBCs on an hourly basis. The log
> parsing does two distinct things, 1) tallies the volume
> of calls, and two dissects which calls are going to
> high rated areas.
>
> STEP 1)
> Download SBC logs
> Perform a count against client trunks
> Compare that count against a 90 day baseline
> Report anomalies
>
> This allows me to see when a trunk is generating a lot of
> calls. Period
>
> STEP 2)
> Parse through SBC logs
> Parse out DESTINATION (country code area code)
> Check DESTINATIONS against a rate deck where price exceeds
> N amount per minute (I have this set to about .21 (USD) per
> minute. Report which trunk is making that call.
> The reporting is automated and if anomalies are detected,
> emails are sent and ALSO a call is generated to a group so
> that we will know ASAP that something has happened.
>
> We use Transnexus in ONE of our facilities, but have legacy
> Netrakes in another. So we had to improvise.
>
> --
> =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
> J. Oquendo
> SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP, GREM
>
> "Where ignorance is our master, there is no possibility of
> real peace" - Dalai Lama
>
> 42B0 5A53 6505 6638 44BB  3943 2BF7 D83F 210A 95AF
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x2BF7D83F210A95AF
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20130514/bcbbcc8b/attachment.html>

More information about the VoiceOps mailing list