calnet

 

State Telecommunications Management Manual (STMM)

STMM Chapter 0302.0
Fraud and Security

Management Guidelines:

The telecommunications industry is rapidly advancing in technology that is both sophisticated and complex. In conjunction with this is the ongoing threat of fraud and abuse within telecommunications systems and equipment. Agencies should take precautionary steps to minimize their vulnerability to fraudulent activities that may incur thousands of dollars in costs. The CALNET Program publishes ATR Bulletins to alert agencies to recent toll fraud activities, scams or security risks.

Agencies should:

  • Establish and publish guidelines for users to reduce vulnerability to fraudulent activities. For example:
    • Users should not accept collect calls or transfer calls to public telephone operators.
    • Users should be aware that valid telephone company representatives will not ask their customers to transfer them to another telephone number or operator.
    • Telephone users should not give out information regarding the agency’s telephone service (such as access codes, call forwarding features, network dialing plan, etc.) to persons they do not know.
    • Employees should be cognizant of their surroundings when placing calling card calls in order to protect the confidentiality of their Personalized Identification Number (PIN). Avoid placing calls from any telephone that displays the numbers being dialed.
    • Users should use caution in returning pages to numbers with a “900” or “700” area code. These area codes are also “pay-per-call” services and will automatically generate a charge to the calling party. In California, this also applies to calls with a “976” prefix.
    • Users should keep cellular phones in the “off” or lock position when not in use to minimize the potential for cloning.
  • Update guidelines when new fraudulent activities, scams or abuses are identified.
  • Establish policies and guidelines for ensuring and maintaining security of telecommunications equipment rooms.
  • Verify identification of all individuals requesting access to telephone equipment rooms and provide escort and supervision while work is in progress.
  • ATR’s should review telephone lines to ensure the appropriate classes of service restrictions (or call restrictions) are established according to the user’s calling requirements.
  • ATR’s should report all fraudulent or suspicious incidences to AT&T’s Corporate Fraud Management. Once a person is connected to an investigator they should identify themselves as State of California and ask to speak to a Fraud Specialist. The AT&T Fraud number is (800) 434-5678.

Our department

Community of practice

State campaigns

Website Accessibility Certification