MERLIN LEGENDCommunications System Release 6.1
System Planning
555-661-112
Issue 1
August 1998
Customer Support Information
Page A-17Other Security Hints
A
Educating Operators 1
Operators and attendants need to be especially aware of how to recognize and
react to potential hacker activity. To defend against toll fraud, operators should
follow the guidelines below:
■ Establish procedures to counter
social engineering
. Social engineering is a
con game that hackers frequently use to obtain information that may help
them gain access to your communications system or voice messaging
system.
■ When callers ask for assistance in placing outside or long-distance calls,
ask for a callback extension.
■ Verify the source. Ask callers claiming to be maintenance or service
personnel for a callback number. Never transfer to
*
10 without this
verification. Never transfer to extension 900.
■ Remove the headset and/or handset when the console is not in use.
Detecting Toll Fraud 1
To detect toll fraud, users and operators should look for the following:
■ Lost voice mail messages, mailbox lockout, or altered greetings
■ Inability to log into voice mail
■ Inability to get an outside line
■ Foreign language callers
■ Frequent hang-ups
■ Touch-tone sounds
■ Caller or employee complaints that the lines are busy
■ Increases in internal requests for assistance in making outbound calls
(particularly international calls or requests for dial tone)
■ Outsiders trying to obtain sensitive information
■ Callers claiming to be the “phone” company
■ Sudden increase in wrong numbers
