Security of Your System: Preventing Toll Fraud. AT&T MERLIN LEGEND Release 3.1, MERLIN LEGEND Release 4.0

Customer Support Information

Security of Your System:

Preventing Toll Fraud

As a customer of a new telephone system, you should be aware that there is an increasing problem of telephone toll fraud. Telephone toll fraud can occur in many forms, despite the numerous efforts of telephone companies and telephone equipment manufacturers to control it. Some individuals use electronic devices to prevent or falsify records of these calls. Others charge calls to someone else’s number by illegally using lost or stolen calling cards, billing innocent parties, clipping on to someone else’s line, and breaking into someone else’s telephone equipment physically or electronically. In certain instances, unauthorized individuals make connections to the telephone network through the use of the Remote Access features of your system.

The Remote Access features of your system, if you choose to use them, permit off-premises callers to access the system from a remote telephone by using a telephone number with or without a barrier code. The system returns an acknowledgment signaling the user to key in his or her barrier code, which is selected and administered by the system manager. After the barrier code is accepted, the system returns dial tone to the user. In Release 3.1 and later systems, barrier codes are by default restricted from making outside calls. In prior releases, if you do not program specific outward calling restrictions, the user will be able to place any call normally dialed from a telephone associated with the system. Such an off-premises network call is originated at, and will be billed from, the system location.

The Remote Access feature, as designed, helps the customer, through proper administration, to minimize the ability of unauthorized persons to gain access to the network. Most commonly, phone numbers and codes are compromised when overheard in a public location, through theft of a wallet or purse containing access information, or through carelessness (for example, writing codes on a piece of paper and improperly discarding it). Additionally, hackers may use a computer to dial an access code and then publish the information to other hackers. Enormous charges can be run up quickly. It is the customer’s responsibility to take the appropriate steps to properly implement the features, evaluate and administer the various restriction levels, protect access codes, and distribute access codes only to individuals who have been fully advised of the sensitive nature of the access information.

Common carriers are required by law to collect their tariffed charges. While these charges are fraudulent charges made by persons with criminal intent, applicable tariffs state that the customer of record is responsible for payment of all long-distance or other network charges. AT&T cannot be responsible for such charges and will not make any allowance or give any credit for charges that result from unauthorized access.

System Programming A–9