[VoiceOps] Fraud

Ujjval Karihaloo ujjval at simplesignal.com
Mon Feb 24 14:41:28 EST 2014


That is what our experience has been. The call origination IP is in
countries that the Abuse email isn't even monitored.

We have had reports to FBI, our upstream carriers, but no luck getting
anywhere with these investigations.

-----Original Message-----
From: VoiceOps [mailto:voiceops-bounces at voiceops.org] On Behalf Of Matt
Yaklin
Sent: Monday, February 24, 2014 12:31 PM
To: My List Account
Cc: voiceops at voiceops.org
Subject: Re: [VoiceOps] Fraud





On Mon, 24 Feb 2014, My List Account wrote:

>
> Maybe I am missing something here but why does the carrier that
> delivers the fraudulent traffic to the Telco that?s in on the fraud pay
the Telco that?s in on the fraud for the calls that are delivered to their
network?   Seems pretty simple, if you cut off their revenue stream they
won?t have a reason to continue.
>

I would also like to add into this question:

I realize it can be very difficult to track down the hacker generating
these SIP calls from stolen credentials because they can hide behind TOR
or other proxies... (Somehow I doubt they all do. Some are probably
terribly stupid and doing it from their home internet conncetion).

But where the calls are going can be tracked right to the switch that has
the CDN on it. Thus you have the owners of the numbers nailed down as well
as the telephone company providing the service. Why are they not grilled
as to why hackers are generating calls to their numbers and if determined
to be part of the fraud arrested and taken to court?

Is it because these telephone companies are in countries where corruption
is rampant and they are greasing the right palms to stay out of trouble?

matt

>
>
> I guess we all know there is no incentive for them to stop this practice
because it?s a big cash cow for everyone except for the poor end user who
is left holding the bag.
>
>
>
> Our default dial plan won?t let you dial these destinations so we
> don?t have a real issue with this abusive traffic.   Most of our
customers who use international go with one of our filtered dial plans
that let them dial most of the world except for known fraudulent and high
toll rate destinations.
>
>
>
>
>
> Richey
>
>
>
> From: VoiceOps [mailto:voiceops-bounces at voiceops.org] On Behalf Of
> Ryan Delgrosso
> Sent: Saturday, February 22, 2014 11:48 AM
> To: voiceops at voiceops.org
> Subject: Re: [VoiceOps] Fraud
>
>
>
> In most cases you will lose this customer. They don't see this as their
responsibility (i.e. the credit card fraud defense) but the reality is
their equipment was compromised due to their negligence.
>
> If the customer is reasonable offer them your cost on the damages so its
just a passthrough. Otherwise you can take them to court or just send them
to collections.
>
> BTW while many will advocate fraud detection and mitigation systems
> here, its been my experience (we wrote our own fraud system that
> out-performs our upstream carriers by hours) that if you detect fraud on
a customer like this, and shut it down in minutes, and mitigate what could
have been thousands of dollars in damage due to their mis-configured
systems, reducing it to just tens or hundreds they will often still fight
that amount and deny responsibility. The fraud system protects you, and by
extension the customer, but the customers don't see it that way.
>
> -Ryan
>
>
> On 02/19/2014 02:09 PM, John Curry wrote:
>
>       I am new to your site. I was looking in the Archives and saw in
November 2013 there were some of you who experienced fraud. We had a an
Avaya IP Office customers system who got hit pretty bad. The
>       customer is treating the fraudulent calls like credit card fraud
and not taking any responsibility. Does anyone have any advice on how to
persuade the customer take this issue seriously?  His bill was
>       racked up pretty good.  Strangely and coincidentally Avaya came
out with a security bulletin the end of December 2013 on this same issue.
I tried to contact Avaya with no response. It seems as though
>       someone has built a sniffer for the Avaya IP Offices and gleaning
their registrations.
>
>
>
>
> _______________________________________________
>
> VoiceOps mailing list
>
> VoiceOps at voiceops.org
>
> https://puck.nether.net/mailman/listinfo/voiceops
>
>
>
>
>


More information about the VoiceOps mailing list