==Phrack Inc.== Volume One, Issue Six, Phile #11 of 13 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= *-=+^ Phrack World News ^+=-* Issue Five/Part 3 Compiled and Written By Knight Lightning =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Cracking Down On Abuse ---------------------- This article is from the January issue of MCI World, a monthly newsletter published by MCI for it's employees. ------------------------------------------------------------------------------- The nationwide attack on telephone fraud got a boost recently when the U.S. Secret Service joined the effort to curb the crime that costs the industry millions in lost revenue annually. The Secret Service used new jurisdiction over the telephone fraud for the first time to arrest five individuals in raids on four illegal "Call-Sell" operations in New York City last November. The five suspects are awaiting trial in federal court on charges based on a Secret Service investigation conducted in cooperation with MCI and other members of the long distance telephone industry. The defendants were charged with violation of a law on Fraud In Connection With Access Devices which carries maximum penalties of 15 years imprisonment and a fine of $50,000, or twice the value of the fraudulent activity. Several other investigations are under way and future arrests are expected, according to a Secret Service spokesman. MCI cooperated in the investigation as a company and through membership in the Communications Fraud Control Association (CFCA), made up of some 35 telephone industry firms. "Because it's an industry-wide problem, we have organized to crack down on all kinds of fraud, from the isolated 'hacker' to more organized schemes to use long distance lines illegally," said Everick Bowens, senior manager of MCI security investigations and president of CFCA. The Secret Service said that in the New York cases, the defendants operated Call-Sell businesses out of their homes and charged "customers" a flat fee for making long distance calls. They used "Blue Boxes" and stolen or compromised authorization codes or credit card numbers to use the long-distance networks of several companies. Blue Boxes are electronic tone-generating devices used to bypass billing systems and gain access to company networks. They can be assembled from generally available electronic parts or they can be purchased ready-made through illegal sources. In the New York raids, agents seized unauthorized cods and credit card numbers, four Blue Boxes and more than 20 telephones. It is estimated that in 1984, fraud in the telecommunications industry totaled $500 million nationwide, and approximately $70 million in the New York City area. CFCA members are primarily inter-exchange carriers, such as MCI, but resale carriers and some Bell Operating Companies (BOCs) are also members, along with representatives of computer services and credit card companies. Bowens says CFCA is intensifying efforts to stop the spread of fraud. Among other things, CFCA is developing educational packages for carriers and the public to promote widespread understanding of telephone fraud and ways to counter the crime. "Our aim is jointly to prevent, detect, investigate and prosecute any fraudulent use of our long-distance networks," Bowens said. Authorization codes are obtained by theft from individuals and by "hackers" who randomly try combinations of numbers by telephone or through computer scanning of number combinations until a working code is "hit." Illegally obtained codes are fraudulently used by "boiler room" telemarketing operations, for example, or are passed along for use by individuals. MCI had developed software to detect illegal entry into its network and it is expected that the spread of dial 1 service, in which authorization codes are not used, will help reduce the incidence of telephone fraud. ------------------------------------------------------------------------------- Comments from the Bootleg: You reckon they mean us??????????????? What's wrong with them, can't they take a joke??????????? _______________________________________________________________________________ The Many Faces Of Fraud ----------------------- The following is an article from the January issue of MCI World, a monthly newsletter published by MCI for it's employees. ------------------------------------------------------------------------------- This new year will see a stepped up MCI attack on telephone fraud--illegal use of the long distance network through access by stolen authorization codes or electronic devices. The offensive is led by Everick Bowens, senior manager of MCI's security investigations department and president of the industry-wide Communications Fraud Control Association (CFCA). Success in curbing this theft of service has earned MCI security investigators a reputation as super sleuths at headquarters and in the divisions. New teeth were added to the attack on telephone fraud when the U.S. Secret Service was assigned to augment continuing investigative efforts by the FBI and other law enforcement agencies. Because telephone fraud is outright theft from the company, MCI is determined to prevent, detect, investigate and prosecute any illicit use of its network. To learn more about how MCI conducts its anti-fraud campaign, MCI World talked with Bowens. MCI World: Is it true that MCI has systems that can detect fraudulent activity while it is occurring? Bowens: Yes, our fraud systems detect abnormal usage and hacking. The systems also help us to track down offenders even when we have only the authorization code he or she is abusing. Because we can profile abusers and trace phone calls, it is easier for us to prepare cases for prosecution. MCI World: Abuses involving computer "hacking" to get authorization codes seem to attract public attention. But there are other types of fraud equally damaging to the telecommunications industry. Would you identify some of these? Bowens: The primary form of abuse is by "hackers," who use computer programs to derive customers' authorization codes. These codes can be widely disseminated via electronic bulletin boards. Because many of these boards are public, the codes fall into the hands of anyone with access to the boards. We also encounter electronic toll fraud, which involves tone-generating devices that allow offenders to place fraudulent calls. MCI World: Is one type of fraudulent activity more prevalent than another? Bowens: Nationwide, fraud most frequently originates from military posts, college campuses, and prisons--places where there are numbers of people far from home, or who have little else to do but manipulate the telephone. This type of abuse prompts the bulk of our investigations. MCI World: Who is most likely to commit fraud? Is there a general profile of the common offender? Bowens: Computer crime typically occurs in affluent, metropolitan suburbs and involves juveniles. Electronic fraud also occurs in major metropolitan areas. Other abusers, such as high-pressure tele-marketeers, usually follow the coast lines. California and Florida, for "boiler room" operations in which phone service is used illegally to sell merchandise. However, fraud can't be totally attributed to any specific group at any particular time. MCI World: How can you keep up with code abuse and fraud? Don't offenders change frequently? Bowens: Interestingly enough, the patterns don't change much. Those who commit fraud form a finite community that doesn't expand a great a great deal over time. Casual offenders, individuals who may take advantage of a "hot" toll free number, will use the number only when it's hot. Once the number no longer works, they're not likely to repeat the offense. On the other hand, repeat offenders are dedicated to getting something for nothing. They're somewhat easier to identify because they commit the same offense over and over. MCI World: How does MCI know when it is the target of fraudulent activity? Bowens: Our systems generally alert us, or an employee or a customer informs us. People know the MCI name. When they recognize something happening illegally with an authorization code, they'll get in touch with us. People generally feel that a cheat is a cheat, a crook is a crook, and if they have to pay full value for a phone call they see no reason why someone else shouldn't. There also are professional tipsters who go from one company to another offering information for a price. However, we rarely deal with them. MCI World: Which MCI people, by the nature of their jobs, are most likely to detect or at least suspect, fraudulent activity? Bowens: Our switch technicians have been very instrumental in detecting abuse. They're in a position to identify extensive busy signals on circuits, abnormal calling patterns, and code use. They've identified many hackers just by reviewing their daily call statistics. Employees in our billing department are also good at spotting unusually large bills and abnormal patterns. Though most fraud is detected by the systems we have in place, the human eye continues to be extremely helpful. MCI World: In addition to working with internal people to help detect fraudulent activity, you also rely on the expertise of external agencies. Which outside agencies assist you with investigations. Bowens: When fraudulent activity involves the theft or illicit use of authorization codes or credit calling cards, MCI and the Secret Service work together to investigate the case. If other activity is involved, such as the use of our service in furtherance of other crime, MCI works with the FBI. When the U.S. Postal Service is manipulated in a fraud case, MCI and postal inspectors investigate together. Additionally, Bell Operating Companies (BOCs) often provide hard evidence in cases that MCI prosecutes. MCI World: When you are alerted to suspected fraudulent activity, what steps do you take to open and pursue the case? Bowens: Security investigators contact the customer whose code is being abused, advise them of MCI's suspicions, and attempt to confirm them. If the response confirms their suspicion of fraud, they open the case. Normally, an investigation entails much research into toll records to identify abusers, unusual call patterns and the parties who might be involved in illicit activity. We also interview parties receiving the calls and document their statements. Once we collect sufficient evidence, we decide whether a case should be pursued as a criminal or civil action. MCI World: How long does it normally take MCI's investigators to "crack" a case? Bowens: Typically, investigators can crack a case within hours. Identifying fraud suspects is the easy part. Amassing the evidence--dotting all of the legal i's and crossing the t's--is tougher. Gathering evidence may take weeks and large cases involving many parties can take months to solve. MCI World: With fraudulent activity knowing no geographical restrictions, how do you segment the problem divisionally? Bowens: The security investigations department acts primarily in an advisory capacity, helping investigators in the divisions with procedural matters. The divisions generally take responsibility for investigating fraudulent activity within their jurisdictions and corporate investigators pursue cases that are large in scope or require specific expertise. Corporate also takes on cases involving offenders operating in more than one division. MCI World: Can you elaborate on MCI's goals for reducing the level of fraudulent activity? Bowens: We want to reduce fraud to the lowest possible level. One of MCI's goals is to cut fraud by more than half in 1986. We want to be the industry leader in curbing this illegal activity. _______________________________________________________________________________ Broadway Hacker Turned Fed Informant? June 2, 1986 ------------------------------------- Broadway Hacker recently called Phreakers Quest and left feedback to the sysop of that system (Shawn) saying, "I do believe that some of this information here is illegal." Shawn called Dark Creeper and reported this to him who then later told it to me. Sometime later, Broadway Hacker called Knight Bandit to voice validate him for The Radio Station. He claimed he was some sort of fed and that KB would be hearing from someone in Bell Security. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The Radio Station is down because Broadway Hacker has sold his computer, his disks, and everything else and is moving to his new job at an unknown destination. When I spoke with him, he went on that he sold his user log, but would not comment on that any further. He wanted me to print that he was a fed and that all of his formers users would soon be receiving visits from the FBI. This is exactly what he told Phantom Phreaker and several others which started a mass riot in the phreak world. One result was the takedown of Alliance for fear of its safety. It since has been put back up. Broadway justified his actions by saying that by telling rodents he was a fed, it would keep them off his board. Later he said that since he is leaving the phreak world and no one knows where he is going, "To hell with the phreak world, let it fall apart and die for all I care." So this fed scare is an attempt to do just that. Was it a joke? Did he mean that really? I don't know. Maybe he did mean it then but now has changed his mind... No one should be worried about this, everything is ok, and Broadway is not working with the FBI. He now claims that he needed his line free for business calls and all of the above were attempts to get people not to be calling him as he didn't have the time or patience. Use your own judgement. Broadway Hacker still has his Vic 20 and an old modem and is attempting to get back on boards. He has also stated that the Radio Station BBS will be put back up at the end of the summer. Where it will be run from is unknown although, Broadway speculated that when it returns it would be run off of an Amiga. Information Provided by Broadway Hacker/Dark Creeper/Knight Bandit/Phantom Phreaker _______________________________________________________________________________  P.O. Box 2003 Downloaded From P-80 International Information Systems 304-744-2253 12yrs+