CenturyLink Warns Customers of Costly Calling Fraud
Apr 12, 2010
MONROE, LA – CenturyLink (CenturyTel, Inc., NYSE: CTL) is cautioning customers about fraudulent activity that could end up costing them thousands of dollars. The criminal activities are generally targeted at, but not limited to, business customers who have multiple lines and complex telephone equipment and capabilities.
While there are a variety of illegal schemes in existence, the goal of the perpetrator is to make or facilitate long distance, often international, calls by hacking into a business’ long distance capabilities. The end result for the business is that thousands of dollars of long distance calls are made in a very short period of time, leaving them with an enormous phone bill.
“If a business customer doesn’t have an equipment maintenance or monitoring contract from his or her service provider, there is no way for the provider to safeguard the business’ physical phone system,” said Erik Zimmer, vice president and general manager for CenturyLink’s south Florida market.
When contracting with CenturyLink to maintain phone equipment, a number of mechanisms are put in place to protect customers from these types of illegal activities. The CenturyLink team works with customers to block destinations, after hours or weekend calls, operator services and other blocks the customer may desire.
CenturyLink also encourages customers to follow these practices when securing a PBX or voice mail system.
- Use the maximum number of digits for the DISA (Direct Inward System Access) code. Disable if possible.
- Block all calls to 976, 950 or 411. Restrict 1+ dialing to the greatest extent possible.
- Secure remote maintenance ports on each CPE (Customer Premise Equipment). Use call back modem or alpha numeric passwords.
- Ensure system administration and maintenance port telephone numbers are randomly selected, unlisted, and are not part of the regular numerical sequence for your business.
- Block 0+ and 0 as well as 10XXX dialing.
- Ensure random generation and maximum length of authorization codes.
- Restrict after hours calling i.e. DISA, International, 809 area code, and toll calls.
- Eliminate trunk to trunk transfer.
- Delete all default passwords.
- Change passwords frequently.
- Deactivate all unassigned authorization codes.
- If available, use multiple levels of security on maintenance ports.
- Review system call detail reports daily to analyze calling activity.
- Restrict transfer from voice mail to internal calls only.
- Do not allow generic or group authorization codes.
- Do not allow forwarding telephones to off premises numbers.
- Consider only attendant assisted international calling.
- Initiate Class of Service screening to areas where no business need exists.
- Ensure “night bell” or operator (attendant) service will not default to dial tone when unattended.
- Block or restrict toll-free calling from areas where there is no business requirement.
- Do not use alpha passwords that spell common English words or names.
- Deactivate unassigned voice mailboxes and DISA codes.
- Immediately deactivate passwords and authorization codes known to former employees.
CenturyLink is a leading provider of high-quality voice, broadband and video services over its advanced communications networks to consumers and businesses in 33 states. CenturyLink, headquartered in Monroe, La., is an S&P 500 company and expects to be listed in the Fortune 500 list of America's largest corporations. For more information on CenturyLink, visit www.centurylink.com.