Manualshelf

System information

ManualsBrandsAT&T ManualsNetwork RouterDEFINITY Remote Port Security Device
21222324252627282930
Detecting Voice Mail Fraud
Issue 1 October 1997
xxix
Call Detail Recording
With Call Detail Recording activated for the incoming trunk groups, you can
check the calls into your voice mail ports. A series of short holding times may
indicate repeated attempts to enter voice mailbox passwords.
NOTE:
Most call accounting packages discard this valuable security information. If
you are using a call accounting package, check to see if this information
can be stored by making adjustments in the software. If it cannot be stored,
be sure to check the raw data supplied by the CDR.
Review CDR for the following symptoms of voice messaging abuse:
Short holding times on any trunk group where voice messaging is the
originating endpoint or terminating endpoint
Calls to international locations not normal for your business
Calls to suspicious destinations
Numerous calls to the same number
Undefined account codes
NOTE:
Since CDR only records the last extension on the call, internal toll abusers
transfer unauthorized calls to another extension before they disconnect so
that the CDR does not track the originating station. If the transfer is to your
voice messaging system, it could give a false indication that your voice
messaging system is the source of the toll fraud.
For G2:
Use P275 W1 F14 to turn on the CDR for incoming calls.
Use P101 W1 F8 to specify the trunk groups.
Call Traffic Report
This report provides hourly port usage data and counts the number of calls
originated by each port. By tracking normal traffic patterns, you can respond
quickly if an unusually high volume of calls begins to appear, especially after
business hours or during weekends, which might indicate hacker activity.
For G2 and System 85, traffic data is available via Monitor I which can store the
data and analyze it over specified periods.