I would like to advise to anyone using the product to check very carefully the use of the Call Forwarding Prompted Feature Code (*72 on the default load). This feature is analogous to Remote Access to Call Forwarding, and allows an extension in the pbx to be selected for Call Forwarding Always.
In the last months we have had attacks through the phone network that seek to find this feature when feature codes are enabled on IVRs. They pick extensions and then forward them to international numbers. Unfortunately we get stuck with the bill and the suspended service hassle with our provider, which is the whole point.
We had to disable the feature network wide to defeat, and now only offer it if used with a longer code.
If you have this feature and it can be accessed from your IVRs you should take action.