if you have had one of these "calls" in the last few hours can you please email your phone number and time of call to me offlist and ill go "have a chat" with someone tomorrow...




On Tue, Jun 7, 2011 at 7:37 PM, Mauricio Freitas <freitasm@geekzone.co.nz> wrote:

There�s an ongoing discussion on Geekzone, something like 12 months now. At some point we all laughed when some users posted YouTube clips they recorded of their �sessions� where they get those idiots to play along for 30 minutes. Wasting their time is great, makes it harder for them. I even have a virtual machine ready if they ever call me�

In the last couple of months calls are coming from 25 (Dijbouti). Someone on Geekzone, probably using a badly configure VOIP client, thought it was 025 (the old Telecom network), but then someone clarified that his setup wasn�t showing the numbers properly.

Most of the times these folks use compromised Asterisk PBX� They scan networks, find an Asterisk setup that accepts calls without ID, have a voice mail with the default passwords, then they configure the voice mail to divert calls to the number they want to call� They have no expense, the PBX owner gets the bill.

From: nznog-bounces@list.waikato.ac.nz [mailto:nznog-bounces@list.waikato.ac.nz] On Behalf Of Craig Whitmore
Sent: Tuesday, 7 June 2011 00:20
To: Gareth Fletcher; Andy Linton


Cc: NZNOG List
Subject: Re: [nznog] Social engineering attempt to infect hosts

> Yeah, have had some clients contacted by them recently. stuff ran an article a few months ago too:

Over the last couple of years I've had them call about 20 times and even had them on a few times :-) I just had them call about 5 mins ago. �They seem to just call sequential numbers until they find someone. Blocking the CID doesn't help as they seem to change their caller id every so often. Even asking them not to call again won't work.

The problem is actually getting them to stop is being able to have the police getting the authority to get the calls traced. Across Country border investigations are not easy to do especially when the calls could go thru various countries before it gets to New Zealand and then even when it gets in to NZ thru multiple companies in New Zealand.

Lets see.. (An example) �Call from India -> VOIP Provider in the India -> VOIP Provider in the USA -> USA �Aggregation VOIP Service-> �Callplus -> Telecom --> Orcon Customer (Telecom Wholesale )

Tracing it back to the place where is initiated from is 100% possible but do the Police really want to do anything???

Thanks

Craig


_______________________________________________
NZNOG mailing list
NZNOG@list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog