- This topic has 2 replies, 1 voice, and was last updated 15 years, 1 month ago by Shirley.
18th October 2005 at 17:40 #30285ShirleyGuest
I am trying to get to the bottom of an on-going annoyance call scenario. I suspect it may be VoIP technology behind this but I do not have a way to confirm.
This is the situation:
Over the course of the last serveral months a number of our business associates have received annoying calls often at their homes and many times at night. The phone rings, they pick it up, they hear the phone ringing (as though they called someone). When the other person answers there is some confusion because both parties think they were called…some type of conference call?… If these parties talk with eachother, they find out that 12 times out of 15, they have a connection to my business. The people getting called are from various states within the US (but no Canadian or other country caller–that I am aware of).
I have verified the following:
1) no department in my organization is using an auto dialer.
2) I have tried to find a database in my organization that contains these phone numbers and have not found one database that contains every number that I am aware of.
We have done the following:
1) Three of the callees have done traces on the caller using *57. I have been given the phone number–it is a number in yet another state.
2) Each time we get a trace the calls “seem” to stop for a while–within a month or two they pick up again.
1) What technology situation would create this?
2) Could the number I am getting reported to me be spoofed? (If so, how and how would I know?)
3) Any suggestions at to what to do–my associates think that my company is doing this or that I have a compromised database…
Thanks for any help you can give.19th October 2005 at 01:24 #30286Wilson BoyrieGuest
Two or three diferent scenarios ,and none of them looks nice.
1)Someone is breaking into your phone switch, and making long distance calls via your switch and using the conference feature.
If you have a PBX at the office, disable the maintenance modem,or if it is a Nortel Switch look for a RAD unit (remote access device), that allows a technician to remotely configure your switch (very dandy also for hackers).
2)Someone is breaking into your voice mail.Calls could be going to a empty mail box, that hackers got into and they are using the “back door” to enter the system.
Make a inventory of unused mailboxes, specially the ones that have still default password.
Disable any mailbox that you are not sure about. Force everyone to change passwords.
3)And the worse case:You have service from a CLEC company that uses a channel bank and a T1 service to deliver phone lines and broadband internet to your location.
The channel bank have a public I.P. address exposed to the NET.
By breaking into the channel bank, you intercept the phone lines BEFORE they reach your phone equipment and restrictions.
You never will see this kind of activity on the normal reports.
I will check every phone call on your bill very closely. I almost guaranty long calls to places that you have no idea what they are.
This kind of calls are ALWAYS indications of hackers into your phone lines and equipment.
If you need help, post you e-mail and I will send you my contact info.
Wilson24th October 2005 at 16:55 #30287ShirleyGuest
Regarding Wilson Boyrie’s response:
I have verified that this source of these calls has nothing to do with my PBX. The calls are not originating here nor are they passing through our PBX.
I think that I have figured out the data source–someone is using our website as a base and then following the links to the associates’ own sites to get the phone numbers.
The question remaining is–what type of technology is being used. It appears as though the calls are coming from a personal residence. Are there hosted IP services that would provide (purposefully or incidentally) a conference calling or three way calling service? How difficult would it be to spoof this residence number? In other words–how confident can I be that the number being traced is really the number…???