Since 18/06/2014 one of my customers has had calls appearing on their phone bill to “0911 176 0015” / 09111760015 (reported by their telco as 9111760015 – missing the 0).
UKPhoneInfo shows this number as being registered to IV Response Limited (ivresponse.com). Their enquiries email bounces back as “Over quota”. I dug around the internet and found a direct named person’s email address instead.
The phone system is an NEC Univerge SV8100 phone system and, as far as I can work out given the “managed firewall” at the company, has no access to the internet other than port 8000 for the phone system maintinance company to administer the system. SIP on the NEC port 5080 and the SIP port on 5070 don’t seem to respond via the internet.
At the moment I am baffled as to how the calls have been made until the phone maintenance company provide a report.
All the calls have been out of hours.
Edit: After a lot of googling and playing about calling the client out-of-hours I think I’ve discovered what may be happening.
The voicemail system allows you to jump into a mode where you can type an extension number or press 0 to go to an operator. You can then press a series of keys to jump back into the ‘internal’ side of the voicemail. This doesn’t seem to require a PIN number.
You then listen to the voicemail that has been left and press another series of 2 keys and it calls the sender.
All that happens is the fraudsters call up and leave a message making sure their caller ID is shown / their premium rate number.
They then call back again, press the required buttons to jump into the voicemail system and listen to their own message. Then press the 2 keys required to return the call.
Edit2 25th June: IV Response Limited called me back! Pretty unexpected given the enquiries address bounced and the e-mail address I found was from 2008. The guy I spoke to was polite and explained that the normal procedure is to contact the land line company and the police. The police, with a RIPA request, can find out what was done on the premium rate number once the call was connected. The land line company should be able to reduce the cost of the calls to this particular number to 61ppm (inc. vat), anything higher then they are just making profit from a bad situation.
The client’s phone company, when questioned, seemed to suggest that since January they have been adding an “Irregular Call Activity Cover” charge to all bills. The lady I spoke to seemed unsure what it covers but indicated that this charge (similar to some sort of insurance I’m guessing) may mean that some or all of the fraudulent call costs may be covered.
Sadly the person who can investigate why these calls could be made in the first place is on holiday so… other than setting a PIN on all the voicemail boxes – I don’t know if the problem is solved.