The Fraud Phone Number Database is a list of phone numbers suspected of being used in fraud anywhere around the world. New phone numbers are continually added to the database every second (24 hours per day, 7 days per week) to help detect zero-day fraud number exploits. Each phone number is weighted in terms of risk based on the number of attempts to use the number, the number of targets experiencing fraud attempts, whether the number is premium rate, the number of days since last used, etc. Telium’s fraud database has been developed over many years and is one of the largest and most comprehensive fraud prevention tools available to carriers and end users alike.
Hacker IP Address Database
The Hacker IP Address Database is a list of IPv4 and IPv6 addresses suspected of being used in telecom hacking worldwide. New IP addresses are continually added to the database every second (24 hours per day, 7 days per week) to help detect active hackers and those who are shifting IP addresses (see Moving-IP Attack Detection below). Each IP address is weighted in terms of risk based on the number of hacking attempts from that IP address, the number of targets experiencing hacking, the types of attacks using that IP address, etc. Telium’s hacker IP address database has been developed over many years and is one of the largest and most comprehensive PBX specific intrusion prevention tools available to carriers and end users alike.
Moving IP Attack Detection
Moving IP Attack Detection can identify hackers who are constantly and rapidly changing IP addresses. Professional hackers are now moving their IP addresses through large ranges of IP addresses from clouds, VPN services, large subnets, etc. to avoid detection by simplistic tools like fail2ban or regular firewalls. SecData integrates a diverse collection of data points to allow detection of hackers the instant they connect to the PBX from a new IP address.
SecData has setup a worldwide network of ‘honeypots’ to capture hacking and fraud information on a worldwide basis. These honeypots are unsecured PBX’s operating on servers located at 15+ different locations across the globe. The servers collect information on the source IP addresses of hackers, numbers they attempt to call, user agents, exploits attempted, user agent profile, ports attempted for connection, etc. Information is then transferred to Telium for immediate processing and placed into the SecData databases.
SecData uses a simple ReST (Representational State Transfer) interface for all queries. A ReST interface allows a broad range of devices and programming languages to interact with SecData using a simple URL, and responses can be formatted as plain text, JSON, and XML. The included documentation provides examples of how to query SecData servers from various languages and scripts (C, C++, PHP, Bash, etc.) and dialplans (Asterisk).