MERLIN LEGEND Communications System Release 5.0

Issue 1

System Manager’s Guide 555-650-118

June 1997

 

 

ACustomer Support Information

Toll Fraud Prevention

Page A-9

To minimize the risk of unauthorized access to your communications system:

Use an unpublished Remote Access number.

Assign access codes randomly to users on a need-to-have basis, keeping a log of all authorized users and assigning one code to one person.

Use random-sequence access codes, which are less likely to be easily broken.

Use the longest-length access codes the system will allow.

Deactivate all unassigned codes promptly.

Ensure that Remote Access users are aware of their responsibility to keep the telephone number and any access codes secure.

When possible, restrict the off-network capability of off-premises callers, using calling restrictions, Facility Restriction Levels (Hybrid/PBX mode only), and Disallowed List capabilities. In Release 3.1 and later systems, a prepared Disallowed List (number 7) is provided and is designed to prevent the types of calls that toll-fraud abusers often make.

When possible, block out-of-hours calling.

Frequently monitor system call detail reports for quicker detection of any unauthorized or abnormal calling patterns.

Limit Remote Call Forwarding to persons on a need-to-have basis.

Change access codes every 90 days.

Use the longest-length barrier codes possible, following the guidelines for passwords. (See “Choosing Passwords.”)

Toll Fraud Prevention

1

Toll fraud is the unauthorized use of your telecommunications system by third parties to make long-distance telephone calls. Under the law, you, the customer, are responsible for paying part or all of those unauthorized calls. Thus, the following information is of critical importance.

Unauthorized persons concentrate their activities in two areas with the MERLIN

LEGEND Communications System:

They try to transfer out of the MERLIN LEGEND Communications System to gain access to an outgoing trunk and make long-distance calls.

They try to locate unused or unprotected mailboxes and use them as drop-off points for their own messages.

The following is a discussion of how toll fraud is often perpetrated and ways to prevent unauthorized access that can lead to toll fraud.

Page 371
Image 371
Lucent Technologies 5 manual Toll Fraud Prevention