[asterisk-users] Transfer Fraud

Adrian Serafini wealwildwon at wombit.com
Fri Sep 13 15:39:19 CDT 2013


On 09/13/2013 04:12 PM, jg wrote:
> Is there a general recipe to avoid fraudulent calls under the 
> following conditions?
>
> A receptionist transfers calls as a callee (customers are calling) and 
> as a caller (boss asks to call and then transfer to him), i.e. the 
> Dial cmd for the internal context contains "Tt". Then an outside call 
> would operate as a Local channel in an internal context after the 
> first transfer. If the internal context allows to dial outside, which 
> is quite common, then this can be abused by the outside caller.
>
> An obvious solution is to disallow Local channels to call outside 
> lines, but there are some possible side effects if Local channels are 
> used explicitly. This would require adding a persistent channel 
> variable (the ones with "__").

create a separate context for outbound calls.



More information about the asterisk-users mailing list