<html dir="ltr"><head><style id="axi-htmleditor-style" type="text/css">p { margin: 0px; }</style></head><body style="font-size: 10pt; font-family: Arial; background-image: none; background-repeat: repeat; background-attachment: fixed;">We do something similar in our environment. We have a per-tn blacklist that starts with all country codes except about 20 of them in it. If a customer calls to complain (I think one of them did this so far out of thousands), we remove a specific country from the list (or all of them).<br><br>Combined with a system that completely restricts international calling based on the customer's rolling 24 hour cost to us for international calls (we basically rate the calls every few minutes at the rates we're billed for them, and if you use over X amount at our cost over 24 hours, you get your international service shut off until we call you. The system sends a report to the account manager team and NOC and shuts them off instantly, and then the account managers work with the NOC to contact the customer offering technical assistance, and the account managers work with them on the financial side.<br><br>This strategy nearly eliminates losses on our side, because the account team knows what that traffic cost us, the NOC helps prevent the customer from further fraud by giving them advice or helping them, and the customer has to pay us maybe $100.<br><br>-Paul<br><br>On Tue, 02/25/2014 09:34 AM, "My List Account" <mylists@battleop.com> wrote:<br><blockquote style="border-left: 2px solid rgb(00, 00, 204); padding-left: 4px; margin-left: 16px;"><div style="null; null;"><meta http="http" equiv="Content-Type" content="text/html; charset=us-ascii"><meta name="Generator" content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";
color:black;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;
color:black;}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";
color:black;}
span.EmailStyle21
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.EmailStyle22
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle23
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle24
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--><div class="WordSection1"><p class="MsoNormal"><span style="color:#1F497D">I’m pretty sure it would ruffle some feathers around here if I sent that list out into the public domain. I can tell you that we basically go thought the rate deck and filter anyone that’s above X amount per minute and then throw in countries where customer’s hacked PBX’s send calls to. It’s not the most scientific method but it’s the most complaint free method.<o:p></o:p></span></p><p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p><p class="MsoNormal"><span style="color:#1F497D">Richey<o:p></o:p></span></p><p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p><div><div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in"><p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext"> John Curry [mailto:telecom7@gmail.com] <br><b>Sent:</b> Monday, February 24, 2014 4:21 PM<br><b>To:</b> 'My List Account'; voiceops@voiceops.org<br><b>Subject:</b> RE: [VoiceOps] Fraud<o:p></o:p></span></p></div></div><p class="MsoNormal"><o:p> </o:p></p><p class="MsoNormal"><span style="color:#1F497D">Would you mind sharing your hi toll rate destination dial plan?<o:p></o:p></span></p><p class="MsoNormal"><a name="_MailEndCompose"></a><span style="color:#1F497D"><o:p> </o:p></span></p><div><div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in"><p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext"> VoiceOps [<a href="mailto:voiceops-bounces@voiceops.org">mailto:voiceops-bounces@voiceops.org</a>] <b>On Behalf Of </b>My List Account<br><b>Sent:</b> Monday, February 24, 2014 1:48 PM<br><b>To:</b> <a href="mailto:voiceops@voiceops.org">voiceops@voiceops.org</a><br><b>Subject:</b> Re: [VoiceOps] Fraud<o:p></o:p></span></p></div></div><p class="MsoNormal"><o:p> </o:p></p><p class="MsoNormal"><span style="color:#1F497D">Maybe I am missing something here but why does the carrier that delivers the fraudulent traffic to the Telco that’s in on the fraud pay the Telco that’s in on the fraud for the calls that are delivered to their network? Seems pretty simple, if you cut off their revenue stream they won’t have a reason to continue. <o:p></o:p></span></p><p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p><p class="MsoNormal"><span style="color:#1F497D">I guess we all know there is no incentive for them to stop this practice because it’s a big cash cow for everyone except for the poor end user who is left holding the bag.<o:p></o:p></span></p><p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p><p class="MsoNormal"><span style="color:#1F497D">Our default dial plan won’t let you dial these destinations so we don’t have a real issue with this abusive traffic. Most of our customers who use international go with one of our filtered dial plans that let them dial most of the world except for known fraudulent and high toll rate destinations.<o:p></o:p></span></p><p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p><p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p><p class="MsoNormal"><span style="color:#1F497D">Richey<o:p></o:p></span></p><p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p><div><div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in"><p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext"> VoiceOps [<a href="mailto:voiceops-bounces@voiceops.org">mailto:voiceops-bounces@voiceops.org</a>] <b>On Behalf Of </b>Ryan Delgrosso<br><b>Sent:</b> Saturday, February 22, 2014 11:48 AM<br><b>To:</b> <a href="mailto:voiceops@voiceops.org">voiceops@voiceops.org</a><br><b>Subject:</b> Re: [VoiceOps] Fraud<o:p></o:p></span></p></div></div><p class="MsoNormal"><o:p> </o:p></p><p class="MsoNormal" style="margin-bottom:12.0pt">In most cases you will lose this customer. They don't see this as their responsibility (i.e. the credit card fraud defense) but the reality is their equipment was compromised due to their negligence. <br><br>If the customer is reasonable offer them your cost on the damages so its just a passthrough. Otherwise you can take them to court or just send them to collections. <br><br>BTW while many will advocate fraud detection and mitigation systems here, its been my experience (we wrote our own fraud system that out-performs our upstream carriers by hours) that if you detect fraud on a customer like this, and shut it down in minutes, and mitigate what could have been thousands of dollars in damage due to their mis-configured systems, reducing it to just tens or hundreds they will often still fight that amount and deny responsibility. The fraud system protects you, and by extension the customer, but the customers don't see it that way. <br><br>-Ryan<o:p></o:p></p><div><p class="MsoNormal">On 02/19/2014 02:09 PM, John Curry wrote:<o:p></o:p></p></div><blockquote style="margin-top:5.0pt;margin-bottom:5.0pt"><p class="MsoNormal">I am new to your site. I was looking in the Archives and saw in November 2013 there were some of you who experienced fraud. We had a an Avaya IP Office customers system who got hit pretty bad. The customer is treating the fraudulent calls like credit card fraud and not taking any responsibility. Does anyone have any advice on how to persuade the customer take this issue seriously? His bill was racked up pretty good. Strangely and coincidentally Avaya came out with a security bulletin the end of December 2013 on this same issue. I tried to contact Avaya with no response. It seems as though someone has built a sniffer for the Avaya IP Offices and gleaning their registrations.<o:p></o:p></p><p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-size:12.0pt;font-family:"Times New Roman","serif""><o:p> </o:p></span></p><pre>_______________________________________________<o:p></o:p></pre><pre>VoiceOps mailing list<o:p></o:p></pre><pre><a href="mailto:VoiceOps@voiceops.org">VoiceOps@voiceops.org</a><o:p></o:p></pre><pre><a href="https://puck.nether.net/mailman/listinfo/voiceops" target="_blank">https://puck.nether.net/mailman/listinfo/voiceops</a><o:p></o:p></pre></blockquote><p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Times New Roman","serif""><o:p> </o:p></span></p></div>
_______________________________________________<br>VoiceOps mailing list<br><a href="mailto:VoiceOps@voiceops.org" target="_blank">VoiceOps@voiceops.org</a><br><a href="https://puck.nether.net/mailman/listinfo/voiceops" target="_blank">https://puck.nether.net/mailman/listinfo/voiceops</a><br></div></blockquote></body></html>