Overview

Toll fraud is the fraudulent, illegal use of a company's telecommunications system by a third party (hacker) from a remote location. The most common type is international toll fraud, in which hackers obtain access to passwords and accounts in order to exploit them for international calls. Smarsh Hosted Services VoIP services use the public Internet to connect the Smarsh Hosted Services Network to your customer's PBX or phone. This can create new opportunities for fraud, which can be prevented.

How do they do it?

Internet criminals can scan the public internet for applications that make phone calls. Once they detect these applications, they attempt to crack the authentication credentials. Once they have pirated the device or authentication credentials, they have the ability to make phone calls, which the customer will be charged for.

Requirement on How to Protect the Phone System

SIP-based VoIP-enabled PBXs or SIP phones connected to Smarsh Hosted Services servers via our SIP trunking service must be installed in a secure trusted zone behind a firewall and not exposed to the public internet. This means the PBX or SIP phones should never be put into a router's DMZ (which allows untrusted access).

The firewall must block all inbound internet (untrusted) traffic to the PBX or SIP phones. The firewall can be configured to allow inbound traffic from trusted devices from remote (satellite) locations. Filtering based on source or destination address is useful because it enables you to allow or deny traffic based on the computers or networks that are sending or receiving the traffic.

You do not have to block outbound traffic from your private network to the internet, but Network Address Translation ("NAT") must be enabled. NAT allows the Smarsh Hosted Services Service to send calls to the PBX or SIP phones. If the firewall has multiple NAT settings, you must select the NAT setting that is "Address Restricted" and not "Endpoint Independent". If you do want to limit outbound internet traffic on the firewall, then you need to open SIP-related ports on the firewall to allow the Smarsh Hosted Services Service to function properly.

For more details, review the article on Network Ports and Protocols for HPBX Phones.


Obligations: T&Cs

Smarsh Hosted Services Terms and Conditions state the following: Customer understands that the use of the Services requires a network firewall at the Customer premises. Customers must deploy firewalls designed to enhance security for SIP-based VoIP applications and services. Any fraudulent use of Customer's Services due to a lack of acceptable firewall security is solely the responsibility of Customer, and Smarsh Hosted Services

We will not credit customer for these charges. Customer hereby indemnifies Smarsh Hosted Services against any responsibility for damages, consequential or otherwise that arise from an unprotected network. Customer also acknowledges that Smarsh Hosted Services may block without notice traffic reported by its carriers as potentially fraudulent.

International Calling Must Be Requested

To further protect your customer, when you order services you have the option to enable or disable calling to international and high cost areas (see North American High Cost Areas). If a customer does opt to disable international calling, this feature can be enabled at a later time.

North American High Cost Areas

NPA   Country                   NPA   Country
684   American Samoa            671   Guam
264   Anguilla                  876   Jamaica
268   Antigua and Barbuda       664   Montserrat
242   Bahamas                   787   Puerto Rico
246   Bahamas                   939   Puerto Rico
441   Barbados                  670   Saipan
284   British Virgin Island     721   Saint Maarten
345   Cayman Islands            869   St. Kitts/Nevis
767   Dominica                  758   St. Lucia
809   Dominican Republic        784   St. Vincent
829   Dominican Republic        868   Trinidad & Tobago
849   Dominican Republic        649   Turks & Caicos Island
473   Grenada                   340   US Virgin Islands

Fraud Monitoring

The Smarsh Hosted Services NOC monitors call patterns to international (and high cost) locations on an hourly basis. If any customer exceeds the call thresholds for any international areas, Smarsh Hosted Services will disable international calling and send an email notification to the customer informing them that international calling has been disabled based on possible fraudulent activity. To protect the customer, we will not enable international calling until the account holder has given Smarsh Hosted Services authorization.

In addition, Smarsh Hosted Services scans the network of connected devices to determine if any of our SIP endpoints are open to the public internet. If an endpoint (phone, phone system or gateway) is determined to be open to the public Internet, a notification will be sent to the customer and CIP informing them that they are not in compliance with Smarsh Hosted Services T&Cs and are required to secure the SIP endpoints behind a firewall.
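
The hourly check described above can be reproduced on your own call records. The following Python example is added here for illustration and is not Smarsh Hosted Services' monitoring code; it counts calls per account per hour to international and high cost destinations using the NPA list from this page. The threshold value, the record layout and the function names are assumptions.

```python
from collections import Counter
from datetime import datetime

# High cost NANP area codes, copied from the table on this page.
HIGH_COST_NPAS = {
    "684", "264", "268", "242", "246", "441", "284", "345", "767", "809",
    "829", "849", "473", "671", "876", "664", "787", "939", "670", "721",
    "869", "758", "784", "868", "649", "340",
}
HOURLY_THRESHOLD = 20  # assumed value; the page does not publish its thresholds


def classify(dialed: str) -> str:
    """Classify a number dialed from a NANP line: international, high_cost or domestic."""
    digits = "".join(ch for ch in dialed if ch.isdigit())
    if dialed.strip().startswith("+") and not digits.startswith("1"):
        return "international"          # E.164 number outside country code 1
    if digits.startswith("011"):        # NANP international dialing prefix
        return "international"
    if len(digits) == 11 and digits.startswith("1"):
        digits = digits[1:]             # drop the leading country code / trunk 1
    if len(digits) == 10 and digits[:3] in HIGH_COST_NPAS:
        return "high_cost"
    return "domestic"


def accounts_over_threshold(cdrs, threshold=HOURLY_THRESHOLD):
    """cdrs: iterable of (iso_timestamp, account, dialed).
    Returns {(account, hour): count} for every hourly bucket exceeding the threshold."""
    counts = Counter()
    for ts, account, dialed in cdrs:
        if classify(dialed) != "domestic":
            hour = datetime.fromisoformat(ts).replace(minute=0, second=0, microsecond=0)
            counts[(account, hour.isoformat())] += 1
    return {key: n for key, n in counts.items() if n > threshold}


# Constructed sample call records (not real data): acct-A places a burst of
# high cost calls within one hour; acct-B places one international call.
SAMPLE_CDRS = (
    [(f"2024-01-01T03:{m:02d}:00", "acct-A", "1876555%04d" % m) for m in range(25)]
    + [("2024-01-01T03:10:00", "acct-B", "+442079460000"),
       ("2024-01-01T03:12:00", "acct-B", "12125550100")]
)

if __name__ == "__main__":
    for (account, hour), n in accounts_over_threshold(SAMPLE_CDRS).items():
        print(f"{account}: {n} international/high cost calls in hour {hour}; "
              "disable international calling and notify the account holder")
```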