13-May-87 09:37:26-PDT,9010;000000000005 Date: Wed 13 May 87 09:02:24-PDT From: Peter Neumann Subject: New Breed of Hustler: Selling Illicit Long-Distance Phone Calls To: RISKS@CSL.SRI.COM Source: an article by Robert D. McFadden, New York Times, 11 May 87 NEW YORK - At bus and rail terminals and other places of anonymity in cities across the country, a new breed of hustler has made an appearance as the point man of a fast-growing, multimillion-dollar scam selling illicit long-distance telephone calls. With the aggressive, sometimes faintly salacious phrases of hustlers who sell sex and drugs, these high-tech vagabonds seek out prospective customers at ranks of pay telephones with offers of calls of unlimited duration at black-market rates. At the Port Authority Bus Terminal, in midtown Manhattan, hustlers charge $2 for calls anywhere in the country and as little as $4 for calls almost anywhere in the world. The hustlers do the dialing, using billing codes stolen from long-distance telephone companies by computer hackers and distributed through loose networks of middlemen in much the same way that drugs are trafficked. The best customers are immigrants, shady entrepreneurs, and others who know it is a crime but find it hard to resist what they call cheap reliable, no-frills telephonic service. Like patrons of a drug pusher, they wait for the hustlers, furtively buy calls and speak for hours to faraway relatives, friends, and business associates. ''It's a serious business for all the telephone companies, including us,'' said John Houser, a spokesman for MCI Telecommunications, one of the long-distance companies that have arisen in recent years since the breakup of the American Telephone and Telegraph Co. While total losses to the scam are unknown, experts say it accounts for a substantial portion of the nation's $500 million annual cost of illegal calls. Long-distance companies - and indirectly the millions of clients who subscribe to them - are the victims. Neither the clients nor the recipients of calls are charged for them because there is no proof they were aware the calls were made fraudulently, officials say. Hundreds of phone hustlers have been arrested across the country, including 190 in New York City alone last year, but the police assign the scam a low priority in the pantheon of crime, and phone companies, despite aggressive tracing efforts, have been overwhelmed by calls in volume and by increasingly sophisticated methods of the hustlers. According to the Communications Fraud Control Association, an independent group formed by MCI, U S Sprint, and AT&T in 1985 to fight crimes involving communications, the phone hustlers gravitate to the action - especially in cities with large immigrant populations. Rami S. Abuhamdeh, the association's executive director, said the fraud had mushroomed in the last two years with the growth of long-distance telephone companies like MCI and U S Sprint, whose billing codes and interdependent dialing systems have been found particularly vulnerable by communications crooks. The fraud usually begins with a computer hacker, and investigators say the culprits are not just the stereotypical goggle-eyed teen-age whiz-kids playing around between sessions of Pac Man and Pole Position. ''Years ago,'' said Del Wnorowski, the general counsel of U S Sprint, ''we thought these were just computer whizzes. But now we're finding out there are housewives, doctors, and lawyers who are hacking codes out of the system to sell.'' Penetrating a telephone company's electronic files and extracting secret billing codes - the numbers it uses to determine who makes a call and whom to bill - is a difficult but not insurmountable task for a hacker with a relatively simple program and a telephone-modem hookup. To hackers, most billing codes are too much trouble to ferret out. Of MCI's 8 million customers, for example, 7 million use their home numbers as well as a four-digit suffix, so a hacker would have to crack a 14-digit code. But 1 million still make calls on an old system - slowly being phased out - using five-digit codes, and these are vulnerable. The hacker has his computer call MCI, for example, using one of the seven-digit numbers that patrons normally call to gain access to a long-distance line. These access numbers are widely known among hackers. Once on a line, a hacker, like a legitimate customer, dials an area code and number, and then adds a five-digit billing code. Each MCI access number is assigned 100,000 billing codes, and there are scores of access numbers in use around the country. This allows for millions of billing codes, only a fraction of which are in use. Other companies use different systems. U S Sprint, for example, has customers over the country dial a single access number from pay phones, followed by a nine-digit code for billing. Legitimate customers each have a personal billing code, so the company knows who is calling and whom to bill. Without a valid billing code, the telephone equipment will not put the call through. Hackers seeking billing codes set their computers searching for them. Since there are only 100,000 combinations of five-digit numbers on each access line, a hacker just has his computer ''crunch'' through the possibilities, one after the other. When a call goes through, it means the computer has hit upon a valid billing code and the computer records it. Running the program a little while, investigators say, produces numerous codes. The hacker then sells the codes in batches to middlemen, usually people who are contacted through computer billboard services, and they are distributed to hustlers. The price for a single billing code is up to $400, Wnorowski said. Hustlers must act fast to capitalize on their investment, for the life of a stolen code is short, perhaps only a few days. That is because the phone companies, cracking down on fraud, watch for any sudden surge in calls made on a code number. If the code's owner has not made the calls, the code is quickly cancelled. The hustlers' procedure is simple, as shown on a recent day at the Port Authority Bus Terminal. After agreeing to a price, a customer gave a hustler the desired number and he dialed it, along with the telephone company's access number and a billing code. When the party answered, the hustler collected his money, handed over the receiver and left. When the call was over, he was back to offer another call. During one complex call, he had to summon a nearby ''supervisor'' to instruct him in dialing procedure. Long calls to California and Massachusetts were $2 each. For $4, calls were placed abroad for two West German women, a man from Ecuador, several West Indians, and several Americans. For $4, the hustler sold an American a five-digit number that he said was a valid billing code to call anywhere in the world, but it later proved useless. Investigators said hustlers sometimes sold codes in their dying hours of usefulness. But such offers were suspect, they said, because surrendering valid codes only hastened their demise. Because many long-distance companies are not equipped to reach all countries abroad, investigators say, it is sometimes necessary for a hustler to use a more complex method of patching a call through. This involves a confederate, often in another city, using special equipment to tap into an AT&T long-distance line to complete the call abroad. These clandestine ''operators,'' each used by a network of hustlers in various cities, also use stolen billing codes to complete calls. In March, Rafael Rodriguez was sentenced to 20 months in jail and fined $20,000 on charges of running a discount call service in an apartment in the Washington Heights section of Manhattan. Carl H. Loewenson Jr., a federal prosecutor who handled the case, said authorities who raided the apartment found seven telephones, a mechanical device for tapping into AT&T long-distance lines, and 107 stolen billing codes. Rodriguez was said to have sold $150 calls, typically to Dominicans calling their homeland, for $10 to $15. Telephone companies say they are aggressive about tracing illegal calls, hackers who steal codes, and clandestine operators. A variety of equipment - from alarms that go off when a long-distance line is tapped to software that detects high-volume on billing codes - is being used. And five-digit codes are being phased out for harder-to-steal codes. But telephone companies competing for customers are reluctant to make billing code systems more complicated, and they are simply overwhelmed by the volume of illegal calls. ''There are a lot of entrepreneurs out there who want to create their own telephone companies,'' said Abuhamdeh. ''The way the system is set up now, they can do it.''