Copy Link
Add to Bookmark
Report

Mindcrime_file_05

eZine's profile picture
Published in 
Mindcrime
 · 26 Apr 2019

  

================================[MiNDCRiME]================================
[FiLE #5:]

eASE dROPPING aND cARDS
y---[MiNDCRiME #2!]---y
aRTICLE tYPED bY iP?!
_ _ _____ 12.o4.94 ]____ _ _

Every now and then, those of us who take the time to be
observant stumble across something remarkable. Let me
relate to you one of those experiences.
It was an all too lazy sunny afternoon in Indiana. I
was bored, and I decided to listen to my Realistic
PRO-2004 scanner. I flipped it on and scanned through
the usual federal government, military aviation, and
cordless phone frequencies, but there was no action to
be found. I happened to come across some scrambled DEA
transmissions and a droning cordless phone conversation
by some neighbors I could not identify. So for a
change I decided to scan through the marine radio
channels. The scanner then stopped on marine radio
channel 26, which is used to ship-to-shore telephone
calls. A man was reading off his calling card number
to the operator, who gladly accepted and connected his
call. Calling card numbers over the airwaves! I was
shocked -- astonished that such a lack of security
could not only exist, but be accepted practice.

I began mointoring marine telephone to find out more,
and it turns our that using a calling card for billing
is commonplace on VHF marine radiotelephone. People use
calling cards for billing all the time. That's what
the are for. But is it that big of a deal? [k0d3z!]
You bet it is. Marine telephone uses two frequencies,
one for the ship and one for the shore station.
[obviously]
The shore station transmits both sides of the
conversation at a some-what considerable power, enough
to offer reliable communications up to 50 miles
offshore. Anyone with a standard police type scanner
costing as little as $100 can listen in. People using
marine radiotelephonecan be broadcasting their calling
card number to a potential audience of thousands.
[k0d3z] And that just shouldn't be happening, but it
is. [I won't complain] And there is no doubt that
calling card fraud is occurring because of this lack of
security.

From the phone compant's [many Bell and non-Bell
companies provide marine telephone service] point of
view it must be a trade-off for customer convenience.
You see, there just aren't that many ways to bill a
ship-to-shore call. Most calls are collect, a few are
billed to the ship if they have an account, and a few
go to third party numbers [hehe] or other special
accounts. .. Sometimes the operators have trouble
verifying billing information. I monitored one man,
who after racking-up $40 worth of AT&T charges was
informed that they couldn't accept his international
account number. The operator finally coaxed him into
giving a address for billing. Calls are often billed
to third party numbers with verification [hmm], but
calling cards make billing easy for both the customer
and the phone company involved. It would also be
tricky for a company to not allow calling card use
[very tricky]. Doing so would be a inconvenience to
customers and would force them to admit a lack of
communications security. Of course people using marine
radio should already realize that their conversations
aren't private, but announcing the fact wouldn't help
the phone compant at all. In fact, people may place
less calls.

The convenience offered by calling cards makes them an
easy target for fraud. They can be used by anyone from
any phone and with a variety of different long distance
carriers via 10XXX numbers. No red of blue box
hardware necessary here, just 14 digits, but of course,
the number won't be valid for long after all those
strange charges start showing up on someone's bill. It
should be noted that when a calling cafd is used, the
number called, time and date of call, and location [and
often, the number] from which the call was placed are
printed on the bill. A fraudulent user could be caught
via that information if they were careless. Also, some
long distance companies may contact the owner of the
card if they notice and unusually high number of
charges on the card. .. Long distance companies bear
with the brunt of the bills caused by calling card
fraud. However, if you read the fine print, the cards
offered by many companies have a certain minimum amount
that the customer must pay, say $25 or $50. [I have yet
heard of a case where a phone compant got away with
charging a customer when the only thing stolen was a
number and not the card itself] .. So, whats the moral
of the story? Simple. Be damn careful what you say
over any radio, and that included cordless and cellular
telephones.

Also, be careful about how sloppy you are when using
cards. If you are using a calling card, enter it with
touch tones. =) If you happen to make VHF marine
radiotelephone calls, bill collect or charge to your
phone number as you would to a third party number --
without the last four calling card digits. For the most
part radio communications are easy to intercept, and
keeping them secure is up to you. Then again, it gives
hackers and phreakers the cutting edge, and I must say
no one is in any situation to bitch or complain.

← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos from Google Play

Recent Articles

Recent Comments

Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT