MERLIN LEGEND Communications System Release 6.1 | Issue 1 |
Network Reference | August 1998 |
|
|
ACustomer Support Information
Other Security Hints | Page |
■Be suspicious of any caller who claims to be with the telephone company and wants to check an outside line. Ask for a callback number, hang up and confirm the caller’s identity.
■Never distribute the office telephone directory to anyone outside the company; be careful when discarding it (shred the directory).
■Never accept collect telephone calls.
■Never discuss your telephone system’s numbering plan with anyone outside the company.
Educating Operators | 1 |
Operators or attendants need to be especially aware of how to recognize and react to potential hacker activity. To defend against toll fraud, operators should follow the guidelines below:
■Establish procedures to counter social engineering. Social engineering is a con game that hackers frequently use to obtain information that may help them gain access to your communications system or voice messaging system.
■When callers ask for assistance in placing outside or
■Verify the source. Ask callers claiming to be maintenance or service
personnel for a callback number. Never transfer to *10 without this verification. Never transfer to extension 900.
■Remove the headset and/or handset when the console is not in use.
Detecting Toll Fraud | 1 |
To detect toll fraud, users and operators should look for the following:
■Lost voice mail messages, mailbox lockout, or altered greetings
■Inability to log into voice mail
■Inability to get an outside line
■Foreign language callers
■Frequent
■
■Caller or employee complaints that the lines are busy
■Increases in internal requests for assistance in making outbound calls (particularly international calls or requests for dial tone)
■Outsiders trying to obtain sensitive information
■Callers claiming to be the “phone” company
■Sudden increase in wrong numbers
