Toll fraud is illegal and is actively investigated by multiple federal organizations including the FBI: http://newark.fbi.gov/dojpressrel/2009/nk061209.htm If you have the time to try and contact them, that is certainly reasonable for you to do, but keep in mind that in theory they could confiscate your equipment as evidence. The best thing you can do is fight it from effecting anything. If the attacks really are coming from one specific number (as opposed to changing due to spoofing) you might be able to block the calls at your SBC or other ingress point. -Scott From: voiceops-bounces at voiceops.org [mailto:voiceops-bounces at voiceops.org] On Behalf Of Ujjval Karihaloo Sent: Sunday, November 08, 2009 1:49 PM To: Russell McConnachie Cc: voiceops at voiceops.org Subject: Re: [VoiceOps] Hackin attempts to Broadsoft voice portal Thx a lot Russell. We already have those measures in place, just want to see if we can do anything else about these hackers Ujjval Karihaloo VP Voice Engineering IP Phone: +13032428610 E-Fax: +17202391690 SimpleSignal Inc. 88 Inverness Circle East Suite K105 Englewood, CO 80112 <http://www.simplesignal.com/> bvoip From: Russell McConnachie [mailto:russell at mcconnachie.ca] Sent: Sunday, November 08, 2009 11:45 AM To: Ujjval Karihaloo Cc: voiceops at voiceops.org Subject: Re: [VoiceOps] Hackin attempts to Broadsoft voice portal Hi Ujjval I have had this problem also with malicious hackers attacking my voicemail boxes and making outbound calls to International destinations (Usually the Phillipines). For the time being - I have disabled all outbound dialing through the Voice Portal. If my subscribers want a function such as this they can either use one of two things. 1. Remote Office 2. BroadWorks Anywhere. Also increasing the password policies for Voice Portal/Voice Mail Passwords does help, No longer do I allow passwords which are shorter than 5 characters (As most attackers use the default 0000, 1234, 7890 password combinations). I am in Canada and I haven't found anything I can do besides that. Thanks On Sun, Nov 8, 2009 at 10:26, Ujjval Karihaloo <ujjval at simplesignal.com> wrote: Lot of failed attempts from 1 particular number.... 15096346223. Seems to be scanning thru voice mail boxes serially attempting passwds & locking them out. Last time v saw this i tracked this to be a magic jack number, i called back & a person answered & said that he can fix my voice mail for me if i gave him my password. I emailed magicjack support & they never responded. Is there anything we can do to bring these malicious hackers to justice? Any one has experience un this area legally given that these hackers are mostly outside the US. Ujjval Karihaloo VP Voice Engineering SimpleSignal Inc. IP Phone: +13032428610 Sent from my iphone _______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops