atcomsystems.ca/forum
Posted By: thagg CIX 40 Voicemail Hacked - 10/26/17 06:10 PM
Voicemail is calling out international numbers, How do I stop this

Thank you
Posted By: MarcO Qc Re: CIX 40 Voicemail Hacked - 10/26/17 06:34 PM
Apply DRL class that block 011 calls to the voicemail ports
Posted By: MarcO Qc Re: CIX 40 Voicemail Hacked - 10/26/17 07:36 PM
If it's an LVMU, IVP8, GVMU, GVPH or older Stratagy DK change the password of the Admin box 999
Posted By: thagg Re: CIX 40 Voicemail Hacked - 10/26/17 08:39 PM
GVPH
Posted By: thagg Re: CIX 40 Voicemail Hacked - 10/26/17 08:39 PM
Thank you all
Posted By: newtecky Re: CIX 40 Voicemail Hacked - 10/27/17 12:55 AM
I have seen a lot of this recently.

After changing mailbox 999 passcode, the hacked mailboxes still exist. If you have access to Toshiba FYI, there is a KB on how to prevent toll fraud.

You will need to log in with Stratagy VM manager and find mailboxes with extension that start with 91 or 901, or something simular. Sometimes they change the extension on one of the system mailboxes like 996. Other times they create a new mailbox.

Also add dialing restrictions is important. Instead of adding 011 as a restricted number, it is better to change DRL1 to an allow table and only allow NXX and 1NXX number. Also Destination restrictions have to be enabled in the OLG before it will work.

If you do not dial international, ask your phone service provider to block all international call. You still have to be careful because the hackers could dial 1010,and select a new long distance carrier to bypass the restrictions by your carrier.

Posted By: oi69 Re: CIX 40 Voicemail Hacked - 10/30/17 10:33 AM
all you need to do is set up DRL to only make 999 calls and put all the vm ports into that DRL so when the vm card has been hacked it cant do anything as the phone system wont allow it
Posted By: MarcO Qc Re: CIX 40 Voicemail Hacked - 10/31/17 12:23 PM
Originally Posted by oi69
all you need to do is set up DRL to only make 999 calls and put all the vm ports into that DRL so when the vm card has been hacked it cant do anything as the phone system wont allow it

This could become a problem if you use your voicemail to transfer calls to cellphone or other external service.
Posted By: newtecky Re: CIX 40 Voicemail Hacked - 10/31/17 02:53 PM
Originally Posted by MarcO Qc
Originally Posted by oi69
all you need to do is set up DRL to only make 999 calls and put all the vm ports into that DRL so when the vm card has been hacked it cant do anything as the phone system wont allow it

This could become a problem if you use your voicemail to transfer calls to cellphone or other external service.

This is true. In cases it will be the Toshiba tech that sets up any outside notifications or transfer, so you should be able to evaluate this per customer. If they do not have any notifications or offsite transfers you could not only restrict all outside calls in DRL, but also disable Tandem CO connections in COS.

Lately I have been setting up all VM ports with their own DRL that can only dial local numbers and nearby long distance numbers in an Allow DR table. The VM ports also get their own COS. If I don't setup offsite transfers than I will disable Tandem CO connection as well. Hopefully if another tech sets up offsite transfers in the future they will test it and realize the problem. If the customer only needs message notification then you can still leave Tandem CO connections disable.
© Sundance Business VOIP Telephone Help