Posts by jde96

Happened to us...

Our company has recently been the subject of a similar attack, setting up a fake website with jobs on it, posting job adverts, and inviting people to a 6 week training course with fees of about $2,500, which they promise to pay back on completion. We're UK based, and the fraud made it look like we were branching out into the US and taking people on.

Cue lots of worried Americans emailing and calling us wondering whether it was legit. They'd been sent contracts of employment and all sorts and all seemed to be at different stages through the fraud, from seeing the initial advert, to booking flights / hotels to go to the non-existent course.

We contacted Action Fraud, who appeared to do nothing at all, and we got the website shut down by messaging a very nice Ukrainian DNS provider who were very helpful, but they popped back a week later with the same website, and slightly altered DNS name (they put a hyphen in it). That's now shut down too, and it's been quite for a week or 2 now.

Close...

When I was testing our first FreePBX system, I left a firewall rule on to experiment with using an external SIP client for a whole 2 days, and in that time, more than one IP had hijacked it, cracked the admittely pisspoor password on one of the extensions' accounts, and made a bunch of dodgy international calls. Luckily, I used a pay as you go SIP trunk provider and only loaded it with £5 of credit. The number of unsuccessful calls from after the credit ran out made my eyes water...

Lesson very much learnt. Now in production for 18 months, handsets can only connect from our internal network, the firewall rule for the trunk provider only allows their IP range and all the handset passwords are MD5 hashes (as they are by default in FreePBX). To date, no problems... but our ISDN30 system in another office, handled by an external firm, used to get bombarded every couple of weeks with calls attempting to gain access to outside lines. To my knowledge they never did, but no-one could make any calls for about 15 minutes at a time as they could take all the lines up.