Hello,
We’re running a FREEPBX system (12.0.76.2) for our company.
Recently, one of our users, who has an 800 number that is linked to his extension, has started receiving calls from numbers he does not recognize. When he answers, or when the calls go to voicemail, it’s just like grainy white noise with what may be garbled voices and beeping.
Initially, when the calls went to voicemail, they would leave messages of 149 minutes each. When we discovered this, we shortened the maximum VMS length to about 2 minutes.
HOWEVER, whoever or whatever was calling in was racking up lots of minutes on our 800 number service.
The phone company has identified the offending calls as having spoofed caller IDs and they are working to credit us back for this mess.
Does this sound like some sort of hacking? If so, what should I be looking to change in the system settings to prevent this sort of abuse?
Any idea how this might be working, that is, how they’re getting in? Should I be looking at having passwords changed?
A person with the phone co who was involved in the investigation suggested putting an IVR between the 800# dial in and the actual extension that it goes to so as to require some human intervention.
You have a toll free number, it costs you probably 2 to 5 cents a minute inbound, 800 numbers are “shared revenue” so the longer the call, the bigger the profit for the "badguy’ They “come in” over the PSTN, they do it late at night, you answer the call, there is no-one there you send it to voicemail, they send noise to keep the call open, you haven’t restricted voicemails to a reasonable length, ergo, they make money, you pay them to do so.
Check with your “resporg” (responsible organization) behind your toll free number as to who is doing that and who and why they are paying them. . . .
Thank you very much for your insight.
The ugly part of this is the phone co we use had some “default” billing rate of upwards of $1.48 per minute for 800 service. They’re in the works to fix this and credit us back.
I did find the other forum posts regarding this sort of issue and I saw your comments about the maxmessage and maxsecs. Right now, we have a value of 120 in maxmessage. This seems to have fixed the long voicemails problem. Should change maxsecs to the same 120 value?
I’m going to go RTFM… Did I mention I’m kinda new to this game.
No, I actually mean $1.48/per minute (yes, ONE dollar and 48 cents). When I actually looked at the bill, my head was spinning.
I have dealt with this phone co in the past and have never had such a difficult time finding someone in the organization to help to “put a calling plan” on the account. (BTW, this phone co is one of the MAJOR players in the industry, not some fly-by-night org).
Wow, I work with them all, even the old PacBell/ATT never went past 13 cents a minute, port the number to someone cheaper and more effective, limit your call length, and complain to your PUC (public utility commision) if the carrier won’t respond reasonably.