[asterisk-users] Transfer Fraud
Adrian Serafini
wealwildwon at wombit.com
Fri Sep 13 15:39:19 CDT 2013
On 09/13/2013 04:12 PM, jg wrote:
> Is there a general recipe to avoid fraudulent calls under the
> following conditions?
>
> A receptionist transfers calls as a callee (customers are calling) and
> as a caller (boss asks to call and then transfer to him), i.e. the
> Dial cmd for the internal context contains "Tt". Then an outside call
> would operate as a Local channel in an internal context after the
> first transfer. If the internal context allows to dial outside, which
> is quite common, then this can be abused by the outside caller.
>
> An obvious solution is to disallow Local channels to call outside
> lines, but there are some possible side effects if Local channels are
> used explicitly. This would require adding a persistent channel
> variable (the ones with "__").
create a separate context for outbound calls.
More information about the asterisk-users
mailing list