MERLIN LEGEND Communications System Release 6.0
System Manager’s Guide
555-660-118
Issue 1
February 1998
Customer Support Information
Page A-12Toll Fraud Prevention
A
■ Any time a call appears to be suspicious, call the Lucent Technologies BCS
Fraud Intervention Center at 1 800 628-2888 (fraud intervention for System
25, PARTNER
®
and MERLIN systems).
■ Customers should also take advantage of Lucent Technologies monitoring
services and devices, such as the NetPROTECT
SM
family of fraud-
detection services, CAS with HackerTracker
®
, and CAT Terminal with
Watchdog. Call 1 800 638-7233 to get more information on these Lucent
Technologies fraud detection services and products.
Security Risks Associated with Transferring
through Voice Messaging Systems 1
Toll fraud hackers try to dial into a voice mailbox and then execute a transfer by
dialing
. The hacker then dials an access code (either for Automatic Route
Selection or a pooled facility code) followed by the appropriate digit string to either
direct dial or access a network operator to complete the call.
NOTE:
In Release 3.1 and later systems, all extensions are initially and by default
restricted from dial access to pools. In order for an extension to use a pool
to access an outside line/trunk, this restriction must be removed.
Preventive Measures 1
Take the following preventive measures to limit the risk of unauthorized transfers
by hackers:
■ Outward restrict all MERLIN LEGEND Communications System voice mail
port extension numbers. This denies access to facilities (lines/trunks). In
Release 3.1 and later systems, voice mail ports are by default outward
restricted.
■ As an additional security step, network dialing for all extensions, including
voice mail port extensions, should be processed through ARS using dial
access code
.
SECURITYlALERT:
!
The MERLIN LEGEND Communications System ships with ARS
activated with all extensions set to Facility Restriction Level 3,
allowing all international calling. To prevent toll fraud, ARS Facility
Restriction Levels (FRLs) should be established using:
■ FRL 0 for restriction to internal dialing only
■ FRL 2 for restriction to local network calling only