[asterisk-users] fraud advice

SIP sip at arcdiv.com
Mon Oct 18 06:56:50 CDT 2010 

  On 10/14/10 9:10 PM, Jeff LaCoursiere wrote:
> Hi,
>
> Embarrassed as I am to write this, I am hoping for some advice.  One of
> our very first PBX installs, now six years old, was "taken advantage of"
> over the past few weeks.  A victim of sipvicious, I assume, that managed
> to guess one of the SIP passwords.  4000 calls to various middle eastern
> destinations have been placed, which ended up being sent over our
> customer's PSTN trunk, and of course there was no warning until the bill
> came today.  Unfortunately the bill only covered the first few days of
> this fiasco, and was only $700.  I am afraid the one that is on the way
> will be tens of thousands.  ONE CALL on the bill that just arrived was
> $200 (80 minutes to Sierra Leone).
>
> I'm sure this started out as a single scan.  It must have been posted,
> because I have at least ten IP addresses now that were placing calls via
> the same peer.  They are from all over the world.
>
> So what is the accepted procedure?  I'm in the US Virgin Islands, so do I
> go to the FBI?  Police?  Is their some telecom fraud body to report such
> things to?  Does any one ever get any relief from such events?
>
> I'm basically sick to my stomach right now.
>
> j
>
We were hit several times in our early days with PRS fraud that ended up 
costing us DEARLY. We contacted the FBI, but they were completely 
unhelpful. The origin of the caller was Egypt (using a network in Egypt 
that has long been a front for criminal activity, so the networking 
people on that end were less than useless), and the Egyptian cyber fraud 
division is two guys with a yahoo email address. The FBI contacted them, 
but they were neither equipped nor entirely willing to be of any real 
help in tracking down the perpetrator. It doesn't hurt to contact the 
FBI, though. They may already have an open investigation into the 
individual or group responsible and need the information for their case. 
But do not expect them to be able to do much.

Eventually, some of our debt was quashed by the provider who had 
violated their own policies in charging us for unlisted premium rate 
services, but it changed the entire way we do business.

Unfortunately, it's now MUCH more difficult to pay us money than it used 
to be, and that's turned a lot of customers off, but we've had no 
problems with PRS fraud since.


N.

More information about the asterisk-users mailing list