Forgot your password?
typodupeerror
Spam The Internet

More on Scammers Abusing TTY Services 192

Posted by michael
from the low-down-no-good-dirty-rotten-scoundrels dept.
edward ericson writes "A more comprehensive look at IP Relay scams and their effect on relay operators, the deaf, US business and the relay providers like Sprint, AT&T and MCI. Unlike a previous piece in the AZ Star, this one shows that the problem is at least a year old, and estimates that the companies have earned at least $23 million by facilitating scams. Anyone here care to discuss IP blocking techniques?" See our previous story for more.
This discussion has been archived. No new comments can be posted.

More on Scammers Abusing TTY Services

Comments Filter:
  • by LostCluster (625375) * on Thursday April 15, 2004 @01:16PM (#8871463)
    It's more or less proven now that this system is implemented very poorly. IP-based TTY calls should be suspended until an effective authentication solution is in place.

    The deaf people with computers can still get to this service by using their modems as a TTY terminal, and by calling a 1-800 number, there would be effective proof that the call is coming through the USA. Data calls don't get along well with VoIP services...
    • Something else the submitter alluded to, and the article talked about: it looks like there needs to be an incentive to not take bogus phone calls. An incentive either in addition to or instead of an authentication system. Right now, if I read correctly, it seems as if "they" (AT&T, Sprint, etc) are getting paid by volume. That's a green light for greedy execs to sweep the problem under the rug, especially since the law prevents the operators from publically complaining.
      • The service for tty comes out of your pocket (assuming you live in CA). I don't know about other states.

        from here [ddtp.org],

        WHO PAYS FOR THIS PROGRAM?

        State legislation was passed requiring the California Public Utilities Commission (CPUC) to implement a program to distribute telecommunications equipment and services for individuals certified as having functional limitations of hearing, vision, movement, manipulation, speech and/or interpretation of information.

        The program is funded by a small surcharge that appea

    • by PretzelBat (770907) on Thursday April 15, 2004 @01:27PM (#8871606)
      It's more or less proven now that this system is implemented very poorly. IP-based TTY calls should be suspended until an effective authentication solution is in place.

      Okay. We should also suspend email, then, right? Because it is implmented very poorly, there is no system of authentication, and it is subject to MASSIVE abuse?

      Oh, wait. You want to suspend other people's means of communication, but not your own. My bad.

      • by LostCluster (625375) * on Thursday April 15, 2004 @01:32PM (#8871684)
        Actually, I'd be glad to see SMTP e-mail shut down and replaced with something better too.

        TTY translation service existed just fine before IP connections were accepted, so it'll be just fine after. I'm not cutting off the old way, just cutting off the new way so that the old way can continue to operate without the public distrusting it...
        • Land line telephones existed before cell phones so why not just cut the cell phones out? Oh that's right, only the hearing people are allowed to move forward in technology while us retarded cripped poor deaf people need to stay in the stone ages. I keep forgetting my place in society.
      • by shrubya (570356) on Thursday April 15, 2004 @01:38PM (#8871761) Homepage Journal
        We should also suspend email, then, right?

        I think you missed a teensy little point: the IP relay service is funded by TAX DOLLARS and MANDATORY FEES on all phone bills. The big telcos are making profit at our expense -- they get paid BY THE MINUTE handling phone calls for scammers.

        Can you hear me now?
        • I think you missed a teensy little point: the IP relay service is funded by TAX DOLLARS and MANDATORY FEES on all phone bills. The big telcos are making profit at our expense

          Stop and consider how much the internet has been and still is funded by your tax dollars. Also think about how much telcos are making from this commitment. Now think about the quantity of internet-enabled fraud.

          Can you hear me now?

          No. /. doesn't support audio. It's more like a IP Relay conversation... oh wait, you want to stop t
      • Okay, as a deaf person... let me just say nobody would miss IP-Relay calls. They've been showing up at the expos trying to get customers for the last few years... it's a PITA to use. Many don't work right with Mozilla or Safari, forcing me to use IE ... Yikes. That gives me random disconnects during calls... YAY. The big thing these days is the video-relay services... which are MUCH nicer to use... the problem is upstream bandwidth which very few ISP's provide. 256K is what Sorenson requires, but they'
    • Modem as TTY terminal? I don't have a modem. I have broadband. What about IP relay via my sidekick pager? The service isn't broken - it works great for me. What's broken is your thinking.
      • The service isn't broken - it works great for me.

        Dir you read the article? Legit deaf people can't order things via TTY anymore because store owners won't accept the calls. That's a broken service for sure...
        • by MarvinIsANerd (447357) on Thursday April 15, 2004 @01:45PM (#8871846)
          I am legiminately deaf. I have never had a problem ordering things and I use the relay 50-75 times a year. Only once did was a call refused and that was by Ultimate Electronics. I simply proceeded to complain to the headquarters at the shoddy customer service and they promptly apologized and rolled out the red carpet. My family is all deaf as are most of my friends. Your "Legit deaf people can't order things via TTY anymore" is a fallacy.
      • So? I can't make voice phone calls with my broadband without additional hardware or software, and paying someone to terminate the call to the PSTN network.

        Without being rude, why is it unreasonable to expect a deaf person to buy a TTY terminal (phone) or a modem?
        • The same reason it is unreasonable to ask you to give up your cell phone. TTY's are anicent technology from the 70's. They are cumbersome and outdated. It is much nicer to just pop open a new window on your desktop when you need to make a call to find out when your car would be ready for pick up. Also great for emergencies - you might find yourself needing a tow truck in the middle of nowhere... you could open up your t-mobile sidekick, go to the ip relay site and call for a tow truck. Hearing people t
    • It's dying anyway (Score:2, Interesting)

      by Anonymous Coward
      Many deaf people are going away from the TTYs and are using fax machines.

      At least that what my parents and their friends are doing.
    • Data calls don't get along well with VoIP services...

      Where's you get that idea from? Certianly not practical experience. I use my Vonage line to connect to out-of-band modemns on routers on a routine basis. In Europe, I never have problems connecting at anything less than 14.4k. In the US, I often successfully connect at 28.8 and up. 9600 baud has never been a problem, and is plenty fast for the purposes of this article.
    • Modems are cumbersome. If I am at work and I need to make a phone call using the relay, simply opening up a web-browser is by far the easiest way.

      Not really sure how an authentication system work. One way I guess, would to have the users actually mail in documentation certifying that they are indeed deaf.

      Modems though. No. God no.
  • by Pig Hogger (10379) <pig.hoggerNO@SPAMgmail.com> on Thursday April 15, 2004 @01:16PM (#8871471) Journal
    Those scammers should have their eardrums busted when they are caught.
  • by Liselle (684663) * <slashdot@lise[ ].net ['lle' in gap]> on Thursday April 15, 2004 @01:17PM (#8871483) Journal
    This is the first I've ever heard of this, but the article does a really good job of explaining the background behind it. Hefty read, though.

    I would not want to be in the position of the CAs that have to put up with this. According to TFA, not only can they not legally refuse to process these calls, in most cases (no international calls), but they are also prohibited from breaking the privacy barrier. That's not something I ever considered, but it's good to know your translator is not allowed to tell the world that you just bought Viagra over the phone.

    On that note, they have to translate prank calls and phone sex. Jesus.
    • The privacy pledge is turning out to be too strict. Clearly, these people know when they're being taken advantage of... but they're not allowed to do anything about it.
    • by awtbfb (586638) on Thursday April 15, 2004 @02:06PM (#8872173)
      There are some perfectly legal things they can do to make these calls as poor quality as possible. For example, relay operators are allowed to hand the call off to another operator (e.g., use the bathroom in the middle of a long call, etc). They can also speak the text with long pauses between words, etc. Driving the quality of service for these types of calls down would very quickly make the mark less willing to stay on the line. However, this would give the relay a bad name in the hearing community.

      Alternatively, CAs are allowed to deliver a short instruction about the service. One could easily imagine a modification: "Have you ever used the relay before? ... No?... (stock explaination, follwed by) Please be aware that some calls placed through the relay are overseas fraud. Operators are not allowed to terminate calls but if you suspect fraud at any time, you may hang up..."
      • A warning like that would be absolutely perfect. It's short, precise and tells people exactly what they should be aware of.
        • by ShortSpecialBus (236232) on Thursday April 15, 2004 @04:07PM (#8873993) Homepage
          And would also be highly illegal.

          Relay operators, and the telephone companies that they are contracted through, are NOT ALLOWED to imply ANYTHING about ANY of the calls. They can't even acknowledge that prank calls DO happen, much less that fraud calls happen.

          I worked as a relay operator for 9 months. It wasn't that terrible of a job, for the most part. I have made some previous posts on it in the last story, if you search for those.

          In the greetings, we weren't even allowed to say that the person calling was deaf or hard-of-hearing, since anybody can use a TTY and we couldn't make any assumptions at all. Instead we said the system was commonly used by people who were deaf or hard-of-hearing. Saying the system is sometimes used for fraud would be COMPLETELY crossing the line, however.
  • Please... (Score:4, Funny)

    by Anonymous Coward on Thursday April 15, 2004 @01:19PM (#8871511)
    Will somebody just pull africas isdn line out of the wall.
    • Re:Please... (Score:4, Interesting)

      by LostCluster (625375) * on Thursday April 15, 2004 @01:25PM (#8871583)
      Will somebody just pull africas isdn line out of the wall.

      Seriously... a "data embargo" against Nigeria may very well be deserved at this point. They've clearly got a problem enforcing their own anti-scam laws.

      They should be busting these scam rings up, or admitting that they can't and seeking help in doing so. The fact that this isn't happening is very deserving... why do we want them as a data trade partner?
      • Re:Please... (Score:4, Interesting)

        by Pavan_Gupta (624567) <`pg8p' `at' `virginia.edu'> on Thursday April 15, 2004 @01:39PM (#8871766)
        You suggest an interesting solution to a rampant problem, but I'm afraid it couldn't possibly be an effective way to stop the traffic coming out of nigeria. A simple proxy will allow the scammer to do whatever he/she wants to do. Heck, I'm relaying my connection from my university to my home with little to no effort at all -- I'm sure our enterprising nigerian scammers could very easily do the same.

        And keep in mind, it's not only nigerians that are doing the scamming. Now that this method is being widely published, it'll definitely spread like wildfire until something definite is done about the problem. Don't forget that it wasn't too long ago that credit card fraud through little online shops was rampant (and many "pandits" were crying the online shopping world would crumble), but things changed. People learn especially quickly when they are losing money that they need to be wary of fradulent occurences.

        Perhaps what's most needed is an embargo on dimwitted idiots. Then we won't have to worry about people getting so easily scammed. Perhaps that even goes for the laws relating to the governance of the TTY service. It's a shame it's come to this.
        • Re:Please... (Score:3, Insightful)

          by LostCluster (625375) *
          A data embargo would work much like a trade embargo. Sure, "black market" activities would go under the radar... but the intent is to disrupt above-the-board activites in order to get the government to do something that it was supposed to be doing all along.

          Just like how WTO punishments can often be handed out to unrelated industries... the point is just to get the violation to stop.
        • What you're saying wouldn't work is blocking of their IP ranges. I think what was actually being proposed was severance of their data links to the rest of the world. All the open proxies in the world won't work if you can't connect to them in the first place. :)
      • Seriously... a "data embargo" against Nigeria may very well be deserved at this point. They've clearly got a problem enforcing their own anti-scam laws.

        I think you're forgetting one big point here: the 419 scammers mostly don't scam from Nigeria. Instead, they are active in a lot other countries, with The Netherlands being at the top of the list. So, forcing Nigeria to follow the 419'ers all the way to Hell isn't going to stop this.
      • What about the mountains of spam that comes from the US? I suppose you want a data embargo for the US, too? American authorities should be busting those rings up, or admitting that they can't and seeking help in doing so. Bagging on Nigeria (a poorer country) for something the US is equally guilty of is narrow-minded at best.
  • by Junior J. Junior III (192702) on Thursday April 15, 2004 @01:20PM (#8871529) Homepage
    Or rather, my girlfriend.

    I told the scammer in question to quit abusing her TTY services or I would beat the living hell out of him, and he did. Got right up and walked out of the bar after dropping a $20 for the drinks he'd bought. I recommended to my gf that she consider re-evaluating how her protocols broadcast the availability of her TTYs on public networks, and suggested she wear a turtleneck next time we went out. It hasn't been a problem since.

    Sometimes you need to know the right techniques to apply.
    • by LostCluster (625375) * on Thursday April 15, 2004 @01:41PM (#8871794)
      You should have sought a new service provider, I'm afraid. The fact that she was broadcasting availablity when in fact her TTY services were already fully subscribed to is a definite sign of trouble. Your only choice is to disconnect, as she may still be advertising availabity when you are not monitoring.
      • Your contract with the service provider is on an at-will basis. Either party may terminate the contract at any time without further notice. It is only prudent on the part of your service provider to maintain her brand image even while your contract is current. It is when she begins considering competing offers or worse, when she starts providing the services you have an exclusive right to, to others that you need to consider terminating your end of the bargain.

        At the same time you need to maintain your own
        • Your contract with the service provider is on an at-will basis.

          What, you're suggesting he avoid locking into a long term contract? Most of the service providers these days on insisting on them...
          • What, you're suggesting he avoid locking into a long term contract? Most of the service providers these days on insisting on them...


            Until you have a certificate from the government saying you are locked in a contract, you are not. Most service providers will try to intimidate you into believing that a verbal agreement is a binding long-term contract but you should know that they will not hesistate to dump you and move on to other clients unless you have a signed, written agreement to bequeath an arm, a l
      • Or instead of disconnecting you can run stalkd, the "Creepy Stalker Daemon" to monitor her process activity including unbuffered reads/writes and interprocess communication. But be careful, some processes like to call the hireLawyer() system routine which attempts to su to root and reapportion your quota to her UID as well as lock your login.
  • by Anonymous Coward on Thursday April 15, 2004 @01:21PM (#8871538)
    I work overnights in a call center, doing mostly tech support, but I am in a overflow buffer for a customer service/retail catalog. These calls are some crazy stuff. They take forever, the person is slow to respond, always wants the item shipped right now, before we run the credit card. It's always obscene amounts of stuff too. For example they may call and ask for one thing, and you say we are out, then they take the next item up, 5-10 of them. They are items that people would never buy more than 1 of, maybe 2. Does the company care? The outsourcing company doesn't, they are getting paid per call. The retailer, doesn't seem to care as much as they should. I don't know how various write-offs work, but my guess is they probably use this in their taxes, the fraud loss I mean. The relay(phone) companies need to put a stop to this.
    • A fraud loss tax-writeoff cussions the blow of a bad sale by allowing it to be deducted from the taxable profits... but it also deducts real profits as well. Fair enough that they don't have to pay taxes on money they didn't really make.

      Nobody's ever gotten rich off of claiming tax deductions. They've just prevented themselves from becoming needlessly poor by paying too much taxes. If your deductions outnumber your profits... you don't pay taxes, but you're also losing money as a business.
    • Does the company care? The outsourcing company doesn't, they are getting paid per call.

      I think you hit the nail on the head here. The fact that the government foots the bill for these calls is probably a disincentive for the Relay Centers to do anything about this, and probably why they will take disciplinary action against employees who think for themselves and refuse to handle obvious scams. A classic case of corporate greed. What it needs is for a fraud victim to sue a Relay Center for being an access

      • The only reason the call centers make money handling calls is that the government taxes every legitimate phone user to pay for this service.

        So I'm paying taxes on my landline and my cell phone to run call centers where 80% of the volume is Nigerian scammers. And so are you.

        Repeal the taxes and let the deaf people pay to access the IP call center. Or, if that's too free-market for you, then repeal *half* the taxes and let the deaf pay for *half* the service. Also add some authentication so that nobody c
        • In the UK, you pay normal phone rates to use BT Typetalk, and if you can show you are disabled, you get a rebate on the bill.

          The Nigerian Scammers wouldn't be able to show that they were genuinely disabled, so they would end up paying lots of money on their phone bills.
  • by Anonymous Coward
    Anything that's totally given away for free meant to help a certain segment of society should at least seek proof that the person taking advantage of the service is a member of that segment of society.

    No government in the USA hands out handcapped parking permits to everyone who asks. There's a documentation process to certify that one is entitled to it. Sure, that process sometimes gets fooled into giving a permit to somebody not entitled to it, but as least there's a paper trail created by such a fraud
    • Um, since LostCluster has already posted in this thread, I think he'll notice the post he made in the last one that you just plagarized from him. At least one mod missed the boat already.

      Original post. [slashdot.org]
      • Offtopic? Wow. Mods are idiots. I've said it before and I'll say it again, democracy simply doesn't work. :)

        For those that don't understand her (I assume Liselle is a her?), the point is that this is the second Slashdot article on this topic, and the AC simply copied verbatim a highly-modded post from the first one.
    • by Anonymous Coward

      keep text logs of the conversations

      This one doesn't make sense to me. Do the people who issue handicapped parking permits keep a list of the places people park? These conversations are often intensely personal; it's literally the only way some of these people can use a telephone. I agree completely with authentication, but keeping records seems intrusive and demeaning. And if they are kept, sooner or later the deaf will start getting "targeted" TTY advertisements...

      "You recently mentioned to your mother

    • by MarvinIsANerd (447357) on Thursday April 15, 2004 @01:57PM (#8872044)
      Keep text logs of the conversation?

      Slashdot blows up whenever there is a minor privacy issue but if it concerns deaf people, oh screw them. Keep logs of all their conversation and to hell with their privacy.

      Government does not hand out handicapped permits to everyone who asks... but neither do they record the actual usage (location, time, etc) of those permits.

      If you really want think text logs of conversations are ok then you are perfectly fine with the government also transcribing hearing people's phone conversations. After all, we want to make sure you are not planning terrorist attacks using your cell phone.
  • by Anonymous Coward
    Even the hard of hearing could use a bigger penis.

    They're deaf, not dead [] ) --laforge smiley
  • pranks via TTY (Score:2, Interesting)

    by British (51765)
    Go to phonelosers.net for some info on TTY related pranks, including, but not limited to:

    1. making the TTY operator saying funny things("PLA go away")
    2. Prank calling your friends across the USA via 800 numbers
    3. Don't have a voice changer? use the TTY relay operator's voice!

    RedBoxChiliPepper and friensds have been doing fun TTY for years!
  • ...that some /geeks have been involved in this one?

    Nigerian scams are but one annoyance CAs encounter on the job. They also facilitate phone sex and, frequently, endure prank calls in which college students and others call their friends--or even themselves--just for fun.

    Obligatory Simpsons reference: Moe: Is there a Symore Butts in the bar?... Hey, alright I am going to strangle you next time you do this kid...

  • by broothal (186066) <christian@fabel.dk> on Thursday April 15, 2004 @01:33PM (#8871702) Homepage Journal
    Funny mental images - A penis enlargement spam translated to sign language :)
  • by zuikaku (740617) on Thursday April 15, 2004 @01:38PM (#8871757)
    "...IP addresses, or for how long. He emphasized that such addresses are not tied to geography."

    While the addresses are not tied to geography, generally speaking you can tell which IP's are from inside the US and which are from outside. This is supposed to be a system used by deaf Americans, right? Just block all foreign IP addresses. It won't stop all of the false calls, but it will stop a lot of them.

    That seems the only solution, unless you come up with some kind of authentication.

    Of course, as the article states, the phone companies don't really have an incentive to stop the calls since they are paid either way. This may be one time that legislation is required.

    • Proxies, tunneling, VPNs? These all hide your IPs, and are legitimate to use for IP relay access. True, raw IP addresses can be very roughly whittled down to their country of origin, but that's not necessarily the real IP of the caller.

      Oh, and what about deaf Americans on holiday? No love for them?

  • by n1ywb (555767) on Thursday April 15, 2004 @01:40PM (#8871787) Homepage Journal
    I run a small online retail store, LED Supply [ledsupply.com]. One day last year I got a call:

    Hello this is AT&T relay operator 12345...


    The person on the other end wanted to order 40,000 of our EverLED LED flashlight bulbs. We only sold 1000 of these in all of last year. At $40 a pop, most people only want to buy one. So right away warning bells went off in my head. Some toolbag wants to buy $1,600,000 worth of product from a retailer he has no relationship with and he is doing it over TTY relay???

    I figured I'd try to find out a little more about the individual. I asked him where he was from. "Nigeria." WHOOP WHOOP DANGER WILL ROBINSON!!! Needless to say I cut the conversation short.

    It was a very difficult exchange, the Nigerian used broken english that neither myself nor the operator could really understand. It must have been very frustrating for the operator, I felt bad for her. The whole exchange took about an hour, it was extremely tedious. And it was a complete waste of my time. Thankfully that hour is ALL I lost.

    The Nigerian tried to call me back TWICE both times using the TTY relay, of course I wasn't about to give him any more of my time. Selling $1.6 million worth of product via TTY relay is unconventional, but I don't discriminate against the disabled. I do NOT however do business with ANYBODY in or from Nigeria.
    • Nor do you do $1.6 million worth of sales of that item on one transaction ever. That's not discrimination, it's scam avoidance.

      Well done.
    • Congratulations - this is EXACTLY what should have been done. You did not discriminate against deaf people. You merely avoided being a victim of scam. Now if you get a relay call in the future I hope you will take the call and if the person sounds legit that you would treat the deaf customer like any other customer you have.

      Relay calls are inherently slower than direct calls - this is simply due to having a third party translator. But an hour??! Something else was going on - he was probably using some
    • What does TTY or IP relay have to do with this? It's simple credit-card scamming. Could happen via email or, hell, even a regular phone call. (Someone who expects to recieve $1.6M in free ill-gotten goods surely doesn't care about international long distance charges??) Seems to me any number of alarm bells should be going off in the business-owners' heads regardless of the communications medium used.
    • So you don't discriminate against deaf people, but Nigerians are fair game? Jesus.

      Maybe you should discriminate against people who are obviously trying to defraud you, as opposed to an entire country of predominantly innocent people.

  • I am currently employed by an online retailer. We've been dealing with this problem for at least TWO years. The basic scenario goes something like this: we receive an order placed online with an obscene total, next day shipping, a yahoo email addy, or a combination of other flags that tell us it's fraud. The credit card address verification always comes back "does not match" in these cases. Then we send them a polite email stating that we can't process their order any further until the address does match. Within minutes the call center receives a call from an IP relay operator. Occasionally, they don't identify themselves as IP operators. So we always ask "Is this an IP relay call?" So far, they've never denied it. (In the last two years we've documented ONE TTY call.) At this point we accept the call and then explain to the scammer that we can't accept IP relay calls and that they should send us an email. Shortly thereafter we get an email from a different yahoo account that reads like a 419 scam. It's fun.

    Basically, the theory is that if someone is legitimately using the service, they're perfectly capable of sending email. The benefit is that we minimize the time spent dealing with scammers.

    If anyone else has methods of dealing with this nonsense, I'd love to hear it.

    • If anyone else has methods of dealing with this nonsense, I'd love to hear it.

      Ask what "GA" stands for (Go Ahead, used in TTY conversations).

      Other good "deaf centric" questions are:

      What city is Gallaudet [gallaudet.edu] located in?

      Who was Helen Keller? (famous deaf and blind woman)

      What was Alexander Graham Bell's job? (teacher of the deaf [agbell.org])

      What does ASL stand for? (American Sign Language)

    • by llywrch (9023) on Thursday April 15, 2004 @05:12PM (#8874946) Homepage Journal
      > If anyone else has methods of dealing with this nonsense, I'd love to hear it.

      I work part-time for a mail/telephone/internet catalog company, & handling the orders that came in by mail (which still accounts for about 10-15% of total sales last Xmas season) was an eye-opener about fraud. However, most of the possible cases stick out like a sore thumb. Typical clues:

      *The addresses for where the catalog was delivered, the address on the check, & where the person wants to ship the order don't match. Bonus clue when the address the catalog was delivered is thoroughly scribbled out, as if to hide where the catalog was originally sent.
      *Potential customer pays with one of those starter checks you get when you open an account.
      *Customer orders stuff that can be easily fenced: usually this means electronics, but jewelry falls into this catagory too. (My employer doensn't sell jewelry.)
      *Addition skills a first-grader would be embarassed over. (I had one chucklehead who rounded up on all of the prices -- $19.00 became $20.00, $27.50 became $30.00 -- & added an extra $20 on top of that, apparently because he still didn't have a firm grasp on this form of higher mathematics. I passed it to someone to research, & only later realised what was going on.)
      *Potential customer has got to have it overnight. (Sheesh, if you need it that soon, why didn't you give us a call & use a credit card?)

      Since it's always possible that an honest, real customer can do some, many, or all of these things, any suspicious order was passed to a senior employee who'd compare the names on the order against our database of customers to see if they'd tried this before, & a list of known fraud artists (retailers share this information), & then call to verify funds. If it passed all of these tests, then the order would be entered into the system to be filled.

      (One item that shocked the **** outta me was that a fair percentage of people had their Social Security Number printed on their checks. For the few who don't know, the SSN is the skeleton key to an US citizen's credit history.)

      Most of these methods are detailed in the original article, but it's amazing that a small amount of skepticism will block a large number of the scams. Based on that, I'd say that if a veteran TTY operator thinks a call is fraud, they're probably right.

      Geoff
  • by Flower Punk (411839) on Thursday April 15, 2004 @01:48PM (#8871892) Homepage
    The owner of my company received one of these the other day. He's in his 70's, but he's on the ball.

    He had one the other day where the operator relayed that the person wanted to know what credit cards our company accepted. He told the operator to tell them that we only accepted certified checks or wire transfers, and then told the operator that the person was going to hang up when they got that message.

    The operator relayed the message, and there was a pause. Then she said "I'm sorry sir, but it is my job to relay this message: 'Fuck you. Fuck you. Fuck you.'"

  • by LinuxParanoid (64467) * on Thursday April 15, 2004 @01:51PM (#8871947) Homepage Journal
    What's likewise crazy about online fraud to me is the following scenario.

    As an online merchant, we see online orders that are clearly fraudulent. But the credit card still goes through (we 'authorize' first which just deducts from your credit limit). We decide not to take the order; thus we don't do a 'capture' on the card that would deduct the money from the poor guy's credit card account. That way we avoid getting charge-backs that would ruin our merchant rating and that would cost us in the end anyway (if caught). But we do log that credit card # in our database. Sometimes SIX MONTHS LATER the fraudster will use that same credit card # on our site again and it is *still* being accepted by Visa/Mastercard!

    This is a broken system. As a merchant, we have no way (that I know of) to warn Visa/MasterCard or the issuing bank or the card holder that the number is being used for fraud! (Besides just going ahead and charging the card, knowing its fraud.) Certainly not an automated way to do so in the same way that we connect to payment gateways. It's just not in Visa's/Mastercard's interest to put a system in place because at the end of the day, the merchant is liable.

    I'm interested if anyone knows of a place where merchants can swap info about fraudulent cards or other fraud data.

    --LP
    • You DO have the power to contact the issuing bank and get the card flagged.

      Call your merchant bank, give them the card number and tell them you want the phone number for the bank that issued the card.

      Call the bank, ask for the security/fraud department. Talk to the sometimes unhelpful people and you'll make progress.
      • You DO have the power to contact the issuing bank and get the card flagged.

        Call your merchant bank, give them the card number and tell them you want the phone number for the bank that issued the card.

        Call the bank, ask for the security/fraud department. Talk to the sometimes unhelpful people and you'll make progress.


        Banks really should issue a bounty for those who report fraudlent cards in this way. Most merchants won't put that kind of effort into saving the rest of the world from fraud without having
    • I would strongly discourage you from seeking a place where merchants can swap info about fraudulent cards. You as a merchant are not an authoritative body to make a decision whose personal credit card information is a source of fraud. Plus, I suspect that participating in such an exchange of information would not only present an ethical issue, but it it would also place you in immediate and direct violation of your merchant agreement.

      Now let me ask you a question, since I always wanted to know and you see

  • by upt1me (537466)
    This is the forum [aimoo.com] they reference in the article.

  • Having worked... (Score:3, Interesting)

    by Misch (158807) on Thursday April 15, 2004 @01:56PM (#8872029) Homepage
    Having worked at the National Technical Institute for the Deaf [ntid.edu], I can tell you that IP Relay is the hottest thing there. Computer kiosks that were set up in the building used to be pointing to web pages within the school. When I left in 2002, most every time I walked past them, the browsers were opened to the Sprint IP-Relay center.

    I wonder. If people shit on the commons, can we go back and chase them off with a gun?
  • by pigeon768 (589860) on Thursday April 15, 2004 @02:04PM (#8872137)
    From the article:
    a fourfold increase in that single category of complaint, even while other criteria such as
    typin accuracy and speed improved
    bahahahahah
  • Ip and Geography (Score:3, Informative)

    by augustz (18082) on Thursday April 15, 2004 @02:07PM (#8872191) Homepage
    AT&T spokesman Cruz says his company can block scam calls but would not reveal whether AT&T had ever blocked IP addresses, or for how long. He emphasized that such addresses are not tied to geography.

    Wow, the AT&T folks are technically clueless it seems. Deteriming which country an ip is from is reasonably possible given the fact that IP blocks and other tools (traceroute, rdns) exist. Either they don't know what they are doing or they are in it for the money. Remember we are not talking specific geography, but country level location.

    http://ip-to-country.webhosting.info/ for example.

    Am I missing something. Does ni not have any IP blocks or providers or standard routes? When I ran a site it was pretty trivial to work out what country someone came from even if the block wasn't clear, have things changed?
    • They're pointing out that any IP-based block could simply be defeated by the Nigerians going around and using any open web proxy in another place.

      However... the law says they should only be getting paid for sessions that originate from the USA. I say the burden should be on the telcos to submit evidence that a user is a real person in the USA before they can claim their money. Since the IP isn't good enough to verify a location, you're gonna need to collect something else. :)
  • From the article: The FCC agreed to use the Telecommunications Relay Service Fund to pay for IP Relay for the same technical reason that allows easy access by scammers: unlike phones, which can be quickly traced to a particular location, computer IP addresses are not tied to any place. As one FCC document put it, "WorldCom states that there is no way of determining the origin of IP Relay calls, because Internet addresses have no geographical correlates."

    I'll plead ignorance -- I assume they're right in s
  • I'd submitted the original AZ Star story on this scam, but after reading this new article, all I can say is, "Now THIS is journalism!"

    Very impressive, City Paper.
  • A friend of mine keeps his bike pretty much permanently posted for sale, and a while ago he got one of these calls from Italy from someone "interested" in buying it. He actually told the woman not to take the calls from now on.

    Anyway, once we discovered the service, we found out it was a really fantastic way to crank call people. Heh.
  • Dear God! We can no longer trust our TTY services!

    root@pth1:~# rm -f /dev/tty*
    root@pth1:~#

    OK. I think I should be safe now.

E = MC ** 2 +- 3db

Working...