Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- BT Business Community
- Archive
- Dial Through Fraud possibly over VOIP- over £700 i...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Dial Through Fraud possibly over VOIP- over £700 in one day !
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Highlight
- Report Inappropriate Content
Dial Through Fraud possibly over VOIP- over £700 in one day !
on 24-04-2014 15h50
We have a dedicated BT Infinity line installed with a BT hub attached. There is NO phone attached to the socket !!
Over the Easter break BT claim that over £700 of calls were made from a building that was entirely vacant.
There is one CCTV device connected to BT Hub and port forward rule is in place. I have personally checked the setup and cannot see anything that is incorrect. The BT Fraud team have advised that the problem is ours and it was likely an automated attack. They also advised it was possibly done over VOIP.
Our BT account manager is also confused by this too. As VOIP calls would apparently appear on a broadband bill not a landline bill.
I have searched the logs on the hub during that time and cannot see anything that looks odd.
Does anyone have any ideas what might have happened?
| 07:50:13, 20 Apr. | ath0: STA 00:ac:54:e5:07:da IEEE 802.11: WiFi registration failed |
| 07:50:01, 20 Apr. | ath0: STA 44:a7:cf:b8:cd:7f IEEE 802.11: Client associated |
| 07:50:01, 20 Apr. | ath0: STA 44:a7:cf:b8:cd:7f IEEE 802.11: Client disassociated |
| 07:45:22, 20 Apr. | ath0: STA 00:ac:54:e5:07:da IEEE 802.11: WiFi registration failed |
| 07:45:10, 20 Apr. | ath0: STA 44:a7:cf:b8:cd:7f IEEE 802.11: Client associated |
| 07:39:25, 20 Apr. | ath0: STA 44:a7:cf:b8:cd:7f IEEE 802.11: Client disassociated |
| 07:39:15, 20 Apr. | ath0: STA 44:a7:cf:b8:cd:7f IEEE 802.11: Client associated |
| 08:48:21, 18 Apr. | ath0: STA 44:a7:cf:b8:cd:7f IEEE 802.11: Client disassociated |
| 07:29:17, 20 Apr. | (6875243.070000) OpenWiFi_1 IPSec connection is down |
| 07:12:22, 20 Apr. | (6874228.930000) OpenWiFi_1 IPSec connection is up |
| 02:04:16, 20 Apr. | (6855742.380000) CWMP: session completed successfully |
| 02:04:16, 20 Apr. | (6855742.170000) CWMP: HTTP authentication success from https://pbthdm.bt.mo |
| 02:04:06, 20 Apr. | (6855732.090000) CWMP: Server URL: https://pbthdm.bt.mo; Connecting as user: ACS username |
| 02:04:06, 20 Apr. | (6855732.090000) CWMP: Session start now. Event code(s): '4 VALUE CHANGE' |
| 02:04:02, 20 Apr. | (6855728.910000) WAN operating mode is Ethernet |
| 02:04:02, 20 Apr. | (6855728.910000) Last WAN operating mode was Ethernet |
| 02:04:02, 20 Apr. | (6855728.860000) PPPoE is up |
| 02:04:02, 20 Apr. | (6855728.390000) PPP IPCP Receive Configuration ACK |
| 02:04:02, 20 Apr. | (6855728.380000) PPP IPCP Send Configuration Request |
| 02:04:02, 20 Apr. | (6855728.380000) PPP IPCP Receive Configuration NAK |
| 02:04:02, 20 Apr. | (6855728.380000) PPP IPCP Send Configuration ACK |
| 02:04:02, 20 Apr. | (6855728.370000) PPP IPCP Receive Configuration Request |
| 02:04:02, 20 Apr. | (6855728.370000) PPP IPCP Send Configuration Request |
| 02:04:02, 20 Apr. | (6855728.370000) CHAP authentication successful |
| 02:04:02, 20 Apr. | (6855728.350000) CHAP Receive Challenge |
| 02:04:02, 20 Apr. | (6855728.320000) Starting CHAP authentication with peer |
| 02:04:02, 20 Apr. | (6855728.320000) PPP LCP Receive Configuration ACK |
| 02:04:02, 20 Apr. | (6855728.320000) PPP LCP Send Configuration ACK |
| 02:04:02, 20 Apr. | (6855728.320000) PPP LCP Send Configuration Request |
| 02:04:02, 20 Apr. | (6855728.320000) PPP LCP Receive Configuration Request |
| 02:04:02, 20 Apr. | (6855728.230000) CHAP Receive Challenge |
| 02:04:02, 20 Apr. | (6855728.230000) Starting CHAP authentication with peer |
| 02:04:02, 20 Apr. | (6855728.230000) PPP LCP Receive Configuration ACK |
| 02:04:02, 20 Apr. | (6855728.220000) PPP LCP Send Configuration Request |
| 02:04:02, 20 Apr. | (6855728.220000) PPP LCP Receive Configuration Reject |
| 02:04:02, 20 Apr. | (6855728.220000) PPP LCP Send Configuration ACK |
| 02:04:02, 20 Apr. | (6855728.220000) PPP LCP Receive Configuration Request |
| 02:04:02, 20 Apr. | (6855728.220000) PPP LCP Send Configuration Request |
| 02:03:33, 20 Apr. | (6855699.310000) CWMP: session closed due to error: Could not resolve host |
| 02:03:32, 20 Apr. | (6855698.110000) CWMP: Server URL: https://pbthdm.bt.mo; Connecting as user: ACS username |
| 02:03:32, 20 Apr. | (6855698.110000) CWMP: Session start now. Event code(s): '4 VALUE CHANGE' |
| 02:03:31, 20 Apr. | (6855697.710000) CWMP: Initializing transaction for event code 4 VALUE CHANGE |
| 02:03:31, 20 Apr. | (6855697.270000) PPP LCP Send Termination Request [PPPoE PADT received] |
| 02:03:26, 20 Apr. | (6855692.600000) PPPoE is down after 1370 minutes uptime [Disconnected] |
| 02:03:24, 20 Apr. | (6855690.410000) PPP LCP Send Termination Request [Peer not responding] |
| 01:10:21, 20 Apr. | (6852507.070000) OpenWiFi_1 IPSec connection is down |
| 00:55:19, 20 Apr. | (6851606.030000) OpenWiFi_1 IPSec connection is up |
| 22:32:34, 19 Apr. | (6843040.490000) OpenWiFi_1 IPSec connection is down |
| 21:48:11, 19 Apr. | (6840377.350000) OpenWiFi_1 IPSec connection is up |
| 20:52:16, 19 Apr. | (6837022.300000) OpenWiFi_1 IPSec connection is down |
| 20:37:09, 19 Apr. | (6836115.260000) OpenWiFi_1 IPSec connection is up |
| 20:28:48, 19 Apr. | (6835614.610000) OpenWiFi_1 IPSec connection is down |
| 20:00:23, 19 Apr. | (6833909.570000) OpenWiFi_1 IPSec connection is up |
0
Kudos
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Highlight
- Report Inappropriate Content
Hi @yimpster
Sorry to hear about that.
Usually, our best advice would be to investigate this with the help of the Business Broadband billing team - you can contact them via the Livechat facility, at the following web page:
However, if someone was using BT Falcon IP 'phones (or similar third-party devices), these do not have to be on site to accrue usage against your bill. These 'phones, once configured, can be used through any other connection as the user details are, I believe, stored in the devices themselves, not on site.
The Business VoIP team will be able to give you more information on how this works and may be able to confirm if VOIP services were involved in this at all. You can contact them free, on: 0800 169 1146.
I really do hope that helps shed some light on your query.
0
Kudos
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Highlight
- Report Inappropriate Content
For anyone else that's been a victim. It's worth knowing !!
Apparently one month on our account manager is still discussing these charges with the BT security team. Residents have had their costs refunded.
0
Kudos
