Has anyone managed to alter their voicemail box call transfer to an external number successfully?
I've got a customer that has been exploited by what appears to be an inbound call to voicemail transferred back out again to a foreign number. (at least this is what CAR shows as happening)
I'm guessing this is done by calling the main Voice Pilot number for a company, guessing an extension then using the default 12345 password that nobody ever changes!!! Then using options 4...4...2(entering required destination)...1 .
However when I have tried to do this myself (in my lab as well) it doesn't actually work.
It plays back "calls will now be transferred to xxxx" but when you call the number it STILL goes to voicemail.
I've managed to get it working using call handlers but doubt a fraudster with hacked access to Unity would reconfigure something like that when it's easier to put a CFWD All on a CallManager DN to a required number.
We have now nailed down security on this customers site but they still want to know how it happened and wondered if anyone could support or dispel my theory??? or indeed shed light on what these options are actually for...