💾 Archived View for spam.works › mirrors › textfiles › phreak › 071scam.txt captured on 2023-06-16 at 19:37:56.

View Raw

More Information

-=-=-=-=-=-=-

 Date: Thu, 24 Oct 91 09:38:59 +0100
From: Torsten.Lif@eos.ericsson.se

A brief note in a local newspaper the other day told the story of a
simple but effective scam to draw money out of public institutions.

A couple in southern Sweden set up a "singles hot-line" service using a
071x-number (our equiv. of the 1-900-numbers in the US where the Telco
and the called party split the charges paid by the caller). [note to
moderator: fell free to correct if I'm mistaken about the number]

Apparently, the income from this hot-line was not enough to satisfy
them so they decided to increase revenue in a simple but effective
fashion. They went all around town to libraries and other public
buildings, looking for phone extensions that were not too closely
guarded. They'd then pick up the receiver, call the hot-line number and
leave the phone with the receiver off-hook. One extension in a library
was reported as having been connected to the hot-line for over a week!
At a cost of over $0.50/minute, this came as quite a shock to the
people in charge of economy at the library when the bills arrived, some
months later.

The RISK of this is the old one of not letting a stranger use your phone but
with a new twist. Normally you'd be worried about him actually USING your phone
to call long-distance. In this case, it was enough for him to merely initiate a
call and then go away. How many employees in a large office will think twice
about a phone being off-hook? Most people will simply assume somebody else is
using it and has gone away temporarily. As long as the phone in question is not
on your own desk, you're not likely to replace the receiver.

Many modern phone systems offer their subscribers blocks against calls to
certain numbers or area codes, forcing users to either "unlock" the phone with
a certain code sequence or to order e.g. international calls through the
switchboard operator. This opens up a new can-o'worms in the matter of personal
integrity and your boss knowing who you call, but it prevents the kind of abuse
described here. However, it requires somebody to explicitly request this
locking service for an office/PABX/whatever. The default, as that library found
out the hard way, is to have all calls enabled.
                                                              +46 8 719 4881
Torsten Lif, Ericsson Telecom AB, EO/ETX/TX/ZD,  S-126 25  STOCKHOLM, SWEDEN

------------------------------