A company we work closely with, but is not our customer, had their Cisco Call Manager hacked due to some h.323 vulnerability that I don't have full details on yet. There were a number of calls placed to: 881835211540 881835211556 881835211547 My findings indicate these are Globalstar satellite numbers that cost somewhere between $4 and $7/minute to call, depending on carrier. The victim's carrier is billing them at $6.50. The total bill for the event is around $13k. This is a small company that can't really afford this. I am not an interested party in the sense that it wasn't on our network, but it's a company we work with a lot and want to help. I also want to learn from this to potentially protect our own network. Some questions... 1. What is the scam here? The recipient of those calls doesn't gain anything, and placing a few calls to three specific satellite phones seems to have little purpose. Many of the calls were concurrent. It all happened in the span of just a few hours. 2. Anyone experienced the same thing with those numbers or similar numbers? 3. About a year ago I attended an FBI presentation on VoIP fraud and there was a VoIP specialist who gave his contact info, but I can't find it. What is the best way for this company to report this crime? -- Carlos Alvarez TelEvolve 602-889-3003