Yup, some so Thursday I have to go a new clients site, since someone determined that there BCM is making international calls at 3am is somehow an inside wiring issue. If anyone is bored, I'm currently trying to research several things since I'm in a bit of a bind. But ultimately has anyone else had this sort of issue?
Secondly, isn't there a way to disable the BCM50 from placing international calls? I really haven't played with the settings on the BCM50 at all, since most the problems I encounter with them are cross connect issues.
Full Summary of what I know if anyone is interested, and I'd say a laugh, but someone died of a heart attack. In a nutshell a company moved into an office, and re-used the existing BCM50 by calling the business card on the machine. Unfortunately it was a one man show, and they had a heart attack, and now the company is "up the creek" with out any log ins, passwords, and is bot dialing overseas.
This is not a 3X8 system.
You should call a qualified vendor for this one, they will know how to lockup the system and restrict calls and do a level reset to revert system since you do not know the password.
The main thing in the meantime is make sure that ALL mailbox passwords are not easy like 1111 or 1234 etc since it is most likely the hacker got into that mailbox using those passwords then the setup or changed the mobile number of the user to one that is over seas.
Problem is you probably have mailboxes you cant even access.
Get that tech in, there is a few in Ohio.
I agree with Curly - this is an easy fix for someone that knows what they're doing with the BCM. I've seen several Nortel systems get hacked the same way & there are methods for securing it not only from making international calls but to be sure it doesn't get used as a hop between local systems before the call goes overseas.
It's an interesting scenario, so figured I'd share it. I'm assuming its not a crazy fix, but basically unlocking the system, auditing the settings, and setting restrictions; but there new company taking over there networking and phones classified this as an insider wiring issue, and I'm going out there to "check the inside wiring".
Figured I could point them in the right direction, since I highly doubt that this is a true IW issue.
It's not an inside wiring issue - one or more voicemail boxes were hacked and had their off-site transfer settings changed.
....but there new company taking over there networking and phones classified this as an insider wiring issue, ...
Bet it's a CG or IT company, so good luck with that issue. they're already pointing fingers...
My favorite was a Panasonic system that was being hacked. I KNOW I put the COS restrictions on the VM port, but the calls kept coming. I did just about everything, including shutting down International access and restricting ARS tables, etc, but nothing seemed to work.
Then the guy with the extension BEFORE the VM port told me he couldn't call a specific area code.
Haven't had a problem since....
Carl
Went out to the site earlier week, and with great sarcasm it was determined not to be an IW issue. Apparently the default of PlsChgMe! was to hard to remember, and records indicate that the admin password was changed to... "admin". What a shocking surprise. Which magically changed again, along with there primary voice mail password to check it, and the company blocked international calls at an LEC level to resolve this issue, and are still debating if they want to fix the issue, or just leave it be.