MERLIN LEGEND Communications System Release 6.1
Feature Reference
555-661-110
Issue 1
August 1998
Customer Support Information
Page A-16Other Security Hints
A
Educating Operators 48
Operators or attendants need to be especially aware of how to recognize and
react to potential hacker activity. To defend against toll fraud, operators should
follow the guidelines below:
■ Establish procedures to counter
social engineering
. Social engineering is a
con game that hackers frequently use to obtain information that may help
them gain access to your communications system or voice messaging
system.
■ When callers ask for assistance in placing outside or long-distance calls,
ask for a callback extension.
■ Verify the source. Ask callers claiming to be maintenance or service
personnel for a callback number. Never transfer to
*
10 without this
verification. Never transfer to extension 900.
■ Remove the headset and/or handset when the console is not in use.
Detecting Toll Fraud 48
To detect toll fraud, users and operators should look for the following:
■ Lost voice mail messages, mailbox lockout, or altered greetings
■ Inability to log into voice mail
■ Inability to get an outside line
■ Foreign language callers
■ Frequent hang-ups
■ Touch-tone sounds
■ Caller or employee complaints that the lines are busy
■ Increases in internal requests for assistance in making outbound calls
(particularly international calls or requests for dial tone)
■ Outsiders trying to obtain sensitive information
■ Callers claiming to be the “phone” company
■ Sudden increase in wrong numbers
Establishing a Policy 48
As a safeguard against toll fraud, follow these guidelines for your MERLIN
LEGEND Communications System and voice messaging system:
■ Change passwords frequently (at least quarterly). Changing passwords
routinely on a specific date (such as the first of the month) helps users to
remember to do so.
■ Always use the longest-length password allowed.
To Next Page
Loading...
