[asterisk-users] Transfer Fraud

jg webaccounts at jgoettgens.de
Fri Sep 13 15:12:45 CDT 2013


Is there a general recipe to avoid fraudulent calls under the following conditions?

A receptionist transfers calls as a callee (customers are calling) and as a caller (boss asks to 
call and then transfer to him), i.e. the Dial cmd for the internal context contains "Tt". Then 
an outside call would operate as a Local channel in an internal context after the first 
transfer. If the internal context allows to dial outside, which is quite common, then this can 
be abused by the outside caller.

An obvious solution is to disallow Local channels to call outside lines, but there are some 
possible side effects if Local channels are used explicitly. This would require adding a 
persistent channel variable (the ones with "__").

I apologize if this type of question has already been asked before.

jg



More information about the asterisk-users mailing list