It is a list of subscriber numbers that have been identified as destinations for fraudulent calls. The list is compiled by members of the GSM Fraud Forum and the CFCA.
In addition to the subscriber number, the list identifies the organization that submitted the number and the reason why. Jim Dalton TransNexus From: Christopher Aloi [mailto:[email protected]] Sent: Monday, February 24, 2014 10:50 AM To: Jim Dalton Cc: J. Oquendo; Hiers, David; [email protected]; Mark Collier; [email protected] Subject: Re: [VoiceOps] [VOIPSEC] Tackling VoIP fraud, new idea What does the "International Revenue Fraud Number Database" on cfa.org contain? I agree it's tricky to block based on hosts, you hit one and the others start popping up. -- Christopher Aloi -- [email protected] On Fri, Feb 21, 2014 at 4:17 PM, Jim Dalton <[email protected]> wrote: One option maybe to cooperate with the Communications Fraud Control Association (www.cfca.org). They do vet their members, but they do not have a mailing list. The association also has an annual membership fee. Jim Dalton -----Original Message----- From: VoiceOps [mailto:[email protected]] On Behalf Of J. Oquendo Sent: Friday, February 21, 2014 3:38 PM To: Hiers, David Cc: [email protected]; Mark Collier; [email protected] Subject: Re: [VoiceOps] [VOIPSEC] Tackling VoIP fraud, new idea On Fri, 21 Feb 2014, Hiers, David wrote: > The key is vetting the participants. Even the feds have a hard time with that... > Indeed which is why I stated: 1) Private mailing list - to prevent talks from being seen 2) NON freemail addresses - easier to establish that this individual works for this company, therefore its highly unlikely he is going to throw himself, and or his company, under the bus passing bogus information. The "private mailing list" is not to try to start some secret club, VoIP Gestapo. It is merely to be able to share data, methods, etc., with other peers in an effort to keep our networks from piping out 100s of thousands of dollars in toll fraud. PERIOD. ANYONE is open to participate, with the clause that we want to, and NEED to be able to trust data. Otherwise it will never work. I will re-think this over the weekend and have a take two. I think it could, and would work. I do also believe that there are likely individuals even on this list, that would not like the idea much, so hosting decisions need be met, etc., in order to keep away DDoS attacks, reputation based attacks, and so forth. That's my train of thought though. -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP, GREM "Where ignorance is our master, there is no possibility of real peace" - Dalai Lama 42B0 5A53 6505 6638 44BB 3943 2BF7 D83F 210A 95AF http://pgp.mit.edu:11371/pks/lookup?op=get <http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x2BF7D83F210A95AF> &search=0x2BF7D83F210A95AF _______________________________________________ VoiceOps mailing list [email protected] https://puck.nether.net/mailman/listinfo/voiceops _______________________________________________ VoiceOps mailing list [email protected] https://puck.nether.net/mailman/listinfo/voiceops
_______________________________________________ VoiceOps mailing list [email protected] https://puck.nether.net/mailman/listinfo/voiceops
