sundance-communications.com/forum Forums TDM Business Telephone Systems Samsung Telephones & Systems Toll Fraud

I recently have a new job title added to my name: Samsung iDCS500 administrator. I don't know all of the ins and outs of this system. However, I've been asked to stop a severe case of toll-fraud.

I've deleted voicemail boxes from any extension that doesn't need one. I've also changed the default voicemail password and the system administration password.

However, it appears that somehow someone is still getting through and placing long distance calls through the system, so our LD carrier keeps cutting off our service.

Any suggestions of what to do next?

Contact your long distance carrier and have project accounting codes added to your lines. Then the carrier won't process the long distance call unless a code is provided.

Alternately, you could contact your Samsung provider and have SMDR information provided to you. That will tell you which extension made the call.

If you have phones located in public areas they should be toll restricted.

None of the actions you have taken so far will stop LD abuse however.

Toll restrict the voicemail ports in cos, also the out-call authorisation in eclass (Page 4 I think?) set off premis and long distance to NO.

This will sort it.

Thanks leemc1978. I've made the changes for out-call authorization. However, I don't know what you mean in reference to "Toll restrict the voicemail ports in cos". What is "COS"?

Hi leemc1978 means is that if you assign the voicemail posts with a class of service (COS) that has toll restrictions for dialing out then they cant call out.

Instead of restricting the ports that way just program the voicemail ports for answer only. This is done in station trunk use. It's a simple yes no thing for each station port in the voicemail. This programming is done in the system not the VM

what would happen in the case were the voicemail has auto attendant a you need to call a group or extn? or if when you are listening to a message you press 5 to call sender.

But if you restrict out international and national and maybe even cell phone you will be able to use these feature.

Please correct me if I am wrong.

by the way NZRQV7 how did you change the password did you go to each extn because if you only change it in the system setting it wont work.

No your not wrong, I was looking for easy and something a "new" system admin can handle. Stopping trunk dailing does not affect calling groups or stations.

If the goal is to stop all vm out bound this would work. If the manager understood COS and LCR then Yes by all means your way works too.

NZRQV7: I would have to say at this point you need to watch your smdr and locate the perp before you start restricting things all willy nilly. Just my 2.2 bits worth


Oh and you will need to know all (13) area codes for your area if you plan on using LCR

Another thought is DISA. If the company allows DISA the password may have been compromised or not changed after someone left the company.

I'm at a loss at how the VM could be running up LD charges so high that the carrier is dropping service. Certainly an out-call notification could be LD but a quick survey of the mailboxes would reveal that.

Set up a PC with Hyperterminal, or if Vista, Ponderosa and find out who is doing it first. Send the SMDR output there and log to a file. Tell SMDR to only log outgoing toll calls.

Anytime a customer requests that an SVMi be installed with no user passwords or worse yet, DISA, we note in their service log who said what.

We had one account with a Cadence a few years back that got hacked and processed about 27k in international LD in just a couple of days. Luckily, we were able to successfully argue that it was the LD carriers responsibility to have some type of toll fraud monitoring place. No different than if you suddenly start charging thousands of dollars on your Visa card and it is out of character.