That is how it is done indeed. The key to this round is that when they are setting up new voicemail boxes they are using weak default passwords. > > >---- Original Message ---- >From: mschuette@private >To: crime@private >Subject: Re: CRIME FW: [Information_technology] Daily News 9/15/03 >Date: Mon, 15 Sep 2003 14:06:31 -0700 > >>1) hack the mailbox >>2) record the greeting to include 'yes' at certain intervals that >match >>with the collect call process >>3) call collect to batswana and use the voicemail number to charge >it to >>4) att operator connects to voicemail box and gets 'authorization' >from >>a prerecorded voice which they mistake for a real person >>5) unaware voicemail owner gets large invoice next billing cycle >>6) att refuses to waive charges because of the access gained through > >>default and weak pin codes >> >>anyone feel free to correct my recall on how the scam worked >> >>Raan Young wrote: >> >>>>Voice mail hijacked to accept collect calls from crooks. The words >"Yes, Yes, Yes" ... >>>> >>>> >>> >>>I'm missing something. It's not clear to me what point there is to >this. >>> >>>I haven't made a collect call in a long time, but it used to be >that the operator would ask >>>the receiver if they would accept a collect call from so and so, >then make the connection if >>>they agreed. >>> >>>So it seems like all this con would do is leave somebody connected, >via a collect call, to >>>the victim's voicemail box. Other than as a prank (or a way to >drive up AT&T's income :-) I >>>don't see any value to this. >>> >>>Can somebody enlighten me? >>> >>>Raan >>> >>> >>> >>> >>> >>
This archive was generated by hypermail 2b30 : Mon Sep 15 2003 - 16:07:10 PDT