����������������������������������������������Ŀ � (I)nternational (P)hreakers (X)change � � � � > Presents < � � � � Phone Fraud (Newspaper Article) � � � � Typed Up By: GrIm Reaper � � August 18, 1990 � ������������������������������������������������ - Miami Herald Phone Fraud - Companies' systems become targets of schemes NEW YORK-Businesses, not individuals, are becoming the victims of choice in the thriving crime of telephone fraud, industry experts think. Phone fraud accounts from $500 Million in losses, or about 1 percent of the $50 billion in revenues earned by long-distance carriers annually, says the Communications Fraud Control Association, a group based in McLean, Va. Traditionally, long-distance schemes consisted mainly of calling-card fraud - mostly unauthorized use of individual's or bussinesses' carrier-issued calling-card billing numbers. Other phone service thieves used so-called "black boxes" that emit a tone to allow access to long-distance lines. But individual calling-card fraud is being taken over rapidly by another scheme - one that victimizes bussiness telephone systmes called private branch exchanges or PBXs. "Abusers are now going after the more vulnerable PBXs and are having a field day." said Rami Abuhamdeh, whose fraud-control association is financed by telephone companies and law enforcement agencies. PBXs schemes focus on a feature on the phone system that allows company employees to dial into the home office - usally on 1-800 or WATS line - from outside. Then, after punching in a personal identification number, they get a second dial tone and can make calls as if they were sitting at their desk. Calls made using this feature, called reorigination, allow the company to save the additional charges that long-distance carriers assess for calling-card use. To get the three- to four didit security codes, computer hackers use programs on thier own personal computers. Equipped with a telephone modem the hackers can automatically dial numbers sequentially until they hit upon the right combination to access an outgoing line. A hacker can even start the program before he goes to bed and by the time he wakes up in the morning, he'll have the cde number, said Bob Fox of United Telecom. Abuhamdeh said that thieves are focusing on PBXs in part because larger long-distance companies have increased their security against calling-card fraud. Access codes also have been sold by disgruntled employees at some companies. Fox said calling-card fraud at United Telecom's US Sprint is down to insignificant numbers. But for businesses victimized by PBX fraud, losses can be staggering. Fox said $30,000 to $40,000 in extra charges is not unusual. Among the most innovative attempts at eliminating remote-access fraud is a device deleloped by US Sprint that can recognize the precise voice pattern of a legitimate customer. The customer, after registering his voice pattern with the long-distance carrier, simply says his identification number into his phone and the voice recognition device verifies the user's identity. "It applies to both long-distance companies and PBX users. The technology is at point right now where it's changing every day and becoming better," Abuhamdeh said. Companies can take immediate steps to fight against PBX fraud by increasing remote-access code numbers to as many digits as the system allows and not using numbers in sequential order, Fox said. Fox also recommends that companies turn off the reorigination feature of a PBX during hours when the system is not normally used and review remote-access records as frequently as possible. CRIME CALLS The different kinds of telephone fraud and estimated ammual losses in millions of dollars: Institutional Fraud : $150 30% Subscription Fraud : $50 10% Electronic Long-Distance Fraud : $75 15% Flat-rate Multilevel Marketing Schemes: $125 25% Call sell Schemes : $100 20% Institutional Fraud: Fraud originating at colleges, military bases and prisions. Subscription Fraud: Phone users who don't pay accounts, use fictitous names, etc. Electronic Long-Distance Fraud: Hackers with personal computers use modems to connect to other computers by illegally using long-distance lines. Flat-Rate Multilevel Marketing Schemes: One person sells flat-rate long-distance service to some of his friends; they in turn sell it to thier friends, etc. (Not all such operations are illegal.) Call sell Schemes: Someone operating out of a pay phone or residence sells long-distance usage, using unauthorized billing numbers to pay for the calls. -SOURCE OF INFORMATION: Communucations Fraud Control Association, The Associated Press. ������������������������������������������������������������������������������ -Check Out iXP's Infoletter #1, And Infoletter #2 (When Available) IPX Vmb 305-787-7900 Box : 407853 GrIm Reaper -iPX Staff