Overseas Crooks Abuse TTY Phone Service 304
Rick Zeman writes "The Arizona Daily Star is reporting on how 419 scammers and credit card thieves are abusing the US' TTY service which enables hearing-impaired citizens to make phone calls with the help of an intermediary operator. 'The callers try to use stolen credit-card numbers to make big purchases of merchandise from American companies. The operators often suspect fraud, but they can't just hang up. Federal rules require them to make the calls and keep the contents strictly confidential.' Yes, Virginia, they have no shame...."
No authentication leads to abuse... (Score:5, Insightful)
No government in the USA hands out handcapped parking permits to everyone who asks. There's a documentation process to certify that one is entitled to it. Sure, that process sometimes gets fooled into giving a permit to somebody not entitled to it, but as least there's a paper trail created by such a fraud that can be followed once it is discovered.
Free TTY services be allowed to issue usernames and passwords to their customers, keep text logs of the conversations, and able to revoke the access of those who abuse their accounts. Basically, the laws that are requiring them to be open are also regulating this service to its death. This needs to be fixed quick.
Re:No authentication leads to abuse... (Score:5, Insightful)
http://www.access-board.gov/telecomm/marketrep/app endices/ttyvm.htm
That's 200000-700000 people using an older type of tty terminal. Maintaining a database and logs for this many users alone is a fair-sized task, and the offices are distributed nationwide.
I'm afraid a cost-benefit analysis would reveal that it's (currently) cheaper to let the scammers scam:(
Re:No authentication leads to abuse... (Score:3, Insightful)
Re:No authentication leads to abuse... (Score:4, Interesting)
Re:No authentication leads to abuse... (Score:3, Interesting)
Iddiot CC merchants deserve what they get.
Re:No authentication leads to abuse... (Score:5, Informative)
Since this is
This hardware requirement why internet relays are so nice - you can just use a regular computer without messing with extra gear and you can call from just about anywhere. Furthermore, you can now access the internet relays via smartphones and PDAs, thus giving users a truly mobile option.
Re:No authentication leads to abuse... (Score:2)
Like email?
Re:No authentication leads to abuse... (Score:5, Insightful)
You can't be serious... Would you advocate keeping a log of every voice call as well, and revoking phone service from those who "abuse their accounts"???
Who's going to define "abuse"? Can a TTY user have phone sex, or is this something the deaf shouldn't be allowed to access?
-bs
Re:No authentication leads to abuse... (Score:2)
Actually, I think a pretty good case could be made that the TTY users shouldn't have access to phone sex services. Not only is it pointless (they could just use IM or e-mail instead) but it would be unfair to the person relaying the conversation. Would you want your daughter/mother to be relaying phone sex for people?
Re:No authentication leads to abuse... (Score:3, Informative)
Maybe we need to rethink the whole 'equal access' thing. Why jump through hoops to give the disabled to nearly every segment of society? So they can feel 'normal'? They aren't... that's part of the definition.
I mean, what's the point? What is the justification here? I'm not asking this to make flames or troll here... I honestly want to know why this is considered to be a good and desirable thing?
Re:No authentication leads to abuse... (Score:2, Interesting)
If we have to pay for it (the phone system in the US is partly paid for by taxes), we should be able to u
Re:No authentication leads to abuse... (Score:3, Insightful)
Blind people and drivers licenses aren't quite the same as TTY services or closed captioning. If someone doesn't use TTY correctly or is deaf and doesn't use captioning, no one gets hurt -- but a person who can't see well enough to operate a
Re:No authentication leads to abuse... (Score:2)
Re:No authentication leads to abuse... (Score:3, Insightful)
We don't give the disabled access to everything. Case in point: you do not see wheel chair bound workers placing the I beams of skyscrappers.
We provide the disabled access where it is feasible. I know many hard of hearing (and a few deaf) people, and the majority are otherwise normal smart people. They can function in society with just a little help. Now I have a choice: I can give them money for food each day, or I can pay for a few things like TTY operators and let them then earn their living. T
Re:No authentication leads to abuse... (Score:2)
But why is it the right thing?
Sure, it's a nice thing. But why be nice? And what makes it 'Right'?
Who are you (Score:2)
Re:Who are you (Score:2)
I wouldn't want to stop your kinky daughter from doing that if she wants! Maybe the right answer is to require phone sex companies to cater for deaf people directly so that they don't need to go through a relay service. Then your daughter could be a full-time phone sex relayer, if she so desires.
Sorry, (Score:2)
Re:No authentication leads to abuse... (Score:2)
Re:No authentication leads to abuse... (Score:4, Insightful)
Insightful? Last I checked, phone sex was not illegal whereas credit card and wire fraud are.
I do, however, agree that logging calls is a very, very Bad Thing to do. The companies being scammed need to have safeguards in place to make sure they can not only recognize problems, but go back and figure out what happened, who did it, and where they are with the help of law enforcement.
TTY ops are intermediaries. Their job is not to protect companies on one side of the line from fraud and vice versa. They are there to channel information, not concern themselves with its content.
Re:No authentication leads to abuse... (Score:2)
Re:No authentication leads to abuse... (Score:2)
Log today, spam tomorrow (or worse) (Score:5, Insightful)
keep text logs of the conversations
This one doesn't make sense to me. Do the people who issue handicapped parking permits keep a list of the places people park? These conversations are often intensely personal; it's literally the only way some of these people can use a telephone. I agree completely with authentication, but keeping records seems intrusive and demeaning. And if they are kept, sooner or later the deaf will start getting "targeted" TTY advertisements...
"You recently mentioned to your mother that you're thinking of moving. Contact Local Realtors Inc for a free consulation!", etc.
To say nothing of the legal implications; a warrentless wiretap on thousands of American phones, always running, in plain-text, east-to-search format.
Re:No authentication leads to abuse... (Score:2)
I don't think you understand (Score:4, Interesting)
How would you put a password protection on this? Would every hearing person have to register a spoken password to be able to call a deaf person?
The point of the relay service is to allow deaf and hearing people equal access to the phone system. If I need a password to call a deaf person but not a hearing person, that's hardly equal access.
Deaf people would never stand for such unequal treatment. They would be even more insulted if you said that they can't take care of themselves by screening their own scammers as hearing people do.
Alternate solution? (Score:3)
Re:I don't think you understand (Score:2)
I'm sympathetic, honest, but to play Devil's Advocate, how is that equal access? I can't get free translation service to call someone who speaks a different language, so why should your boyfriend get unlimited access to such a free service?
Having said that, I can think of a few legitimate reasons why, but I wonder what the "official" answer is. What do TTY advocates tell people who feel that they shouldn't have to pay to support that service?
Re:I don't think you understand (Score:3, Interesting)
Not that I think the idiot plan of logging is anything other than an idiot plan, but I thing they're only talking about requiring a name and password for a deaf person to call out, not requiring a password to call a deaf person.
I admit, this is still not equal access: the deaf will need to (briefly) identify themselves and provide proof of their identity (the password) to make a phone call, where the hearin
Re:I don't think you understand (Score:2)
The password thing would be for his outgoing calls.
I don't think you understand either (Score:2)
So there is no taking care of themselves. They are just bystanders.
Re:No authentication leads to abuse... (Score:2)
Yeah, because only hearing people should be allowed private phone conversations. The Fourth Amendment doesn't apply to deaf people.
Re:No authentication leads to abuse... (Score:5, Informative)
Yes. Requiring some sort of proof that the service is needed as you suggest might also be desirable.
keep text logs of the conversations,
No.
As I recall my sign language instructor explaining, the TTY Relay Service operator (and, I suppose, anything they might keep a hypothetical log with) is legally considered to be part of the telephone. They are NOT allowed to discuss anthing they hear; and any testimony they give about anything they have heard prior to a wiretap warrant being issued is legally inadmissable. You can be planning a murder, and the operator just has to relay the messages back and forth. It's a condition of legal privilege similar to those of spouses, doctors, lawyers, and the Secret Service.
Allowing mandatory logging would effectively put a bug into the phone of every deaf person who has need of this service. Any regulation or legislation permitting this would be struck down in court as a violation of the equal protection and reasonable search clauses.
As for the phone companies doing it themselves, they are under what is called "common carrier protection"-- they make no judgements over what to carry, they just send the voices back and forth, whether it's a call to mom or a death threat. Yes, harrassing calls are illegal, but the phone company only can take action AFTER the recipient complains. Logging, and revoking access based on use, would remove the Telco common carrier protection, and they REALLY don't want to do that. Not to mention the incidental that this might get them sued for civil rights violations under that pesky equal protection clause again.
This report does lead me to wonder, however. I recall being informed by a professor who specializes in history of computing that the phone phreak community back in the 1970's to 1990s was had a very large blind community. While speculations on the cause of that are moot to the matter at hand, there might actually be a group of deaf/hard-of-hearing folk who are gathering around this new (and even less moral) illegal activity. If so, it would be depressing.
Disclaimer: I am not a lawyer, I just argue with one.
Re:No authentication leads to abuse... (Score:2)
Do you really believe our justice system would require the level of moral depravity you are discussing?
I've got news for you, I don't give a shit what your job is, but if you reasonably believe someone is planning to commit a serious felony such as murder, you are required to report it to the authorities. T
Re:No authentication leads to abuse... (Score:2)
We did that unofficially at my previous tech support gig. The entries looked like:
They all meant well, sure, but providing tech support to someone who's not a computer expert via someone who thinks a TTY is spiffy is an exercise in sadomasochism.Re:No authentication leads to abuse... (Score:3, Informative)
all of which supply aid in some form to those with special needs.
Re:No authentication leads to abuse... (Score:3, Informative)
-Ab
Re:No authentication leads to abuse... (Score:2)
What a horrible job. (Score:5, Interesting)
Let's describe the job of a Relay Operator:
No matter what the phone call, or what the content of that phone call is, the Relay Operator must, by law continue the conversation.
When a deaf person is feeling lonely they might decide to call a phone entertainment line, man or woman, having to type this in, and say what the deaf person types.
Like the job of a relay operator isn't bad enough, now the operators have to deal with Nigerian poor grammer while perpetrating fraud.
Re:What a horrible job. (Score:4, Informative)
Assistants to disabled people have dealt with this for a long time; there is even accepted codes of conduct for various situations (basically, assistants should have a similar moral outlook as their bosses, or they will likely not be able to work together over time).
Re:What a horrible job. (Score:5, Informative)
Mind you, this wasn't normal tty relay. This was IP-Relay, which allows anyone with a computer to use it as a tty basically.
Because I've signed NDA's and don't really want to break federal law, I can't go into detail about any calls, but I think I can safely say that what the article describes is pretty accurate.
Also, As for sex lines, that's not too common with IP-Relay. What is common though is bored high school kids calling each other and being very creative with what they make you say/type.
It's funny for a while, and not that bad of a job, but a lot of it is tedious, dull, and annoying (Touchtone menus...AARGH).
Re:What a horrible job. (Score:3, Funny)
Bart
Moe
Still cracks me up
Re:What a horrible job. (Score:2)
Operator reads: "I am the nephew of rich General Hooya..."
Operator says: "He says *coughbullshit* he's the nephew of rich General Hooya *snicker*..."
Re:What a horrible job. (Score:2)
A fe
No different (Score:3, Insightful)
I would be a lot more worried about the idea of an outside party filtering my incoming calls without any control from me.
More specifically, it is hard to have fun with phone salesmen or religious door-knockers once they learn to avoid you.
Re:No different (Score:3, Insightful)
The accent helps (Score:2)
It's also just one more layer of obfuscation between the scammer and the mark.
Re:No different (Score:2, Insightful)
Re:No different (Score:2)
If I can identify someone placing an order as being from Nigeria, you can bet that I will "discriminate". Corruption and fraud are the primary source of the country's income.
We've gotten this (Score:5, Informative)
Do you sell laptops?
No, we don't sell any laptops.
How about desktops?
Yes, we do desktops.
Will you ship overseas?
No, no overseas shipments.
Ok..ok...how about Los Angeles.
We can do that.
Ok, I have credit card, I can pay now.
We'd need some sort of verification that you are the cardholder.
The conversation goes downhill from there. The first few times we took it seriously, but since then we've refused to take relay calls. If we hear the operator say "This is a relay call" we interrupt and say "Sorry, we don't take relay calls" and then HANG UP. If you don't hang up, the operator will say "hold" while they type out the message and then wait for a response. Waste..of...goddamn...time. Slamming the reciever down helps. If there's any people who genuinely use the service...sorry, we just can't afford to spend hours wading through these phone calls to get to you.
Yes, Hang up! (Score:4, Informative)
If the person calls back 2 or 3 times, you might want to take the call, however. The scammers/people who aren't who they say they are won't have you do that. The real deaf people are used to that, so they have you call back a few times in hopes to get a different person who will take the call, or give you a chance to convince the person to talk.
But if you still have no intention of taking the call, just hang up, saying as little as possible.
It saves the operators a lot of trouble.
you are not alone (Score:2)
FYI, they have adopted the same response you have. I am certain we'll be sued as well because some folks designed an exploitable soltion and then legislated (read: forced) its use.
On a related note, this strongly smells like the spam laws of late.
Regards,
-- RLJ
Re:We've gotten this (Score:4, Funny)
I don't sell laptops and I don't ship overseas. If the caller asks why, I say that I am a retail store and prefer that my customers pick up their merchandise in person. My final defense, which I haven't had to use yet, is to say that I only sell the Commodore Amiga.
John Sauter (J_Sauter@Empire.Net)
Re:We've gotten this (Score:5, Informative)
Re:We've gotten this (Score:2)
Re:We've gotten this (Score:2)
I worked the job for 9 months.
You don't like being talked to, because if you are being monitored, you lose points for it, and there goes your raise. It's hard to handle that situation properly, so you're almost guaranteed to get a bad eval by QA.
Re:We've gotten this (Score:3, Informative)
Most hearing people who call the service make comments to the operato
Re:We've gotten this (Score:2)
Re:We've gotten this (Score:2)
will you please tell him blah blah blah
they try to talk *to* the relay operator as if they're a person they need to go through. they should go like
blah blah blah
instead.
during the conversation, the relay operator will augment the conversation like this:
(background music)
(crying in background)
(ur msg was garbled pls resend)
Re:We've gotten this (Score:2)
Re:We've gotten this (Score:5, Insightful)
Thankfully, legitimate deaf people can use the internet to make their orders, a lot quicker I would guess.
Re:We've gotten this (Score:5, Informative)
That being said, I would recommend at least listening to the first sentence of the caller before thinking about hanging up. Just yesterday I called a local computer shop to check the price of a power supply, and the conversation was quick and polite. (I doubt nigerian scammers would want to buy a $60 power supply and ask about the store hours). Here's approximately how a conversation goes: (other end begins with a colon)
: dialing... 1... 2... answered... (male) thank you for calling computershop inc. how can i help you q ga
hello. what is your lowest price on a 500 watt power supply q ga
: let me check one moment (hold music) I have one for 59 90 ga
thank you. and what time are you open until tonight q ga
: 6 pm ga
thanks a lot ga to sk
: thank you (call ended)
: ga or sk
ca thank you sk
: sksk
A little terminology: "ga" means "go ahead", "q ga" is asking a question, "ga to sk" is signaling that you wish to end the conversation ("sk" meaning "stop keying"), "ga or sk" is essentially the CA asking "is there anything else I can do for you?", at which point I thank him/her and signal the end of the conversation. "sksk" is the final signal that the conversation is over.
Re:We've gotten this (Score:2)
Also worth noting is the serial nature of TTY conversations. You have to wait for the other person to finish what they are saying before you start. As such, don't interrupt and try not to get into lengthy monologues.
That being said, I would recommend at least listening to the first sentence of the caller before thinking about hanging up.
I cannot stress this enough. It's truly stunning how many people assume relay calls are telemar
Re:We've gotten this (Score:2)
Which is exactly the problem. You're taking a perfectly reasonable position: every single relay call you get is a scam artist, you don't want to waste your time talking to them. However, as a result you're blocking off the very, very rare deaf person who really needs the relay system. It's a
Re:We've gotten this (Score:3, Interesting)
Re:We've gotten this (Score:2)
I have yet to run into this, but if I was refused business just because I had to use a relay, while normally-hearing customers were allowed to order over the phone, and the only thing
Re:We've gotten this (Score:2)
I've recieved a number of fraudulent calls as well. We no longer accept relay calls either, but it's certainly not to discriminate. The only phone service we provide to customers is the status of a computer in for service. For our deaf customers, we converse via email and fax. We simply do not take phone orders f
Re:We've gotten this (Score:2)
Re:We've gotten this (Score:2)
If he's never received a legitimate relay call, and he keeps receiving time-consuming fraudulent ones, then he's not hanging up because the caller is deaf. He's hanging up because he justifiably believe the person is a scammer. Another person in the thread suggested that a legitimate caller would likely call back. Sucks, but do you seriously expect the store owner to spend hours tak
Re:We've gotten this (Score:2)
Re:We've gotten this (Score:2)
Re:We've gotten this (Score:2)
Free matter for the blind. (Score:3, Interesting)
I read about it several (over 15) years ago in some magazine. Basically when mailing a letter instead of a stamp you just write free matter for the blind.
I think I may have tried it once back then to send myself a letter just to see if it worked. Can't remember if it did though.
Re:Free matter for the blind. (Score:3, Interesting)
Some Good Examples of Deaf Relay (TTY) Abuse (Score:2, Informative)
http://phonelosers.org/sound.html [phonelosers.org]
Specifcally this one which would probably get you a trip to camp X-ray today
Phone_Losers_of_America_0118_Deaf_Relay_Commuter_
419 Scammers ? (Score:3, Funny)
Mh, I wonder how they counted that there were precisely 419 of them.
I've had this happen where I work. (Score:3, Interesting)
The most annoying part was the amount of time it took to complete the calls. I can't be rude to a
ofcourse (Score:4, Insightful)
You know how difficult (and expensive) it is to both track down the people and get a conviction? Laws are made on a national level, institutions such as police and justice departements are also pretty much bound to their specific country (unless you just act as if you own the world), hence international crime has little or no resistance. I mean, why would you care if the crime has been committed elsewhere?...
Same with spam, really. Most spam I receive comes from scumbags on US soil, and it's pretty hard to harm them from here. As opposed to local spammers: a friend of mine once made a real-life visit when he received a spam email from a company not far from where he lives. He didn't get any spam anymore from that company.
That might be a viable solution to the spam problem anyway: just a global team-up of people willing to visit spammers living close to their own home. I'm not implying a violent posse here. Even a criminal would get a clue when there's suddenly a bunch of very pissed off people in front of his/her door.
Simple Fix... (Score:3, Insightful)
Here's a simple fix:
Change the TTY/Realy number to a 1-900 numner and charge calls from whereever ther're made. Say $1.00 a minuite.
Then every month - Registered and bonified deaf people can submit a copy of their telephone invoice to the Federal Government and get a refund check for the amount used.
People who abuse the system without being daaf get to pay for it - deaf people get this vital service for free.
Re:Simple Fix... (Score:3, Informative)
What they use is the free internet relay service, which lets you use your computer as a TTY.
www.ip-relay.com [ip-relay.com] is one.
ATT also has one, someone earlier posted the URL.
Re:Simple Fix... (Score:2)
Re:Simple Fix... (Score:3, Insightful)
Re:Simple Fix... (Score:2)
I don't see registration being too onerous to get a service that is *heavilly* subsudised by other taxpayers.
Easy solution? (Score:3, Insightful)
Re:Easy solution? (Score:2)
You mean the security code that many online businesses (including reputable ones) require me to enter? If the source of stolen numbers is a hacked business database the number will likely be exposed. Similarly, if the stolen number was just copied down by the rare dishonest waiter, he can easily copy the 3 digit code at the same time.
The 3-digit security code doesn't really help much, i
Re:Easy solution? (Score:2)
Can't the merchants just require the 3-digit security code on the back of the credit cards , if they're losing money?
A "good" phishing site will ask for that information, along with your SSN, mother's maiden name, and any other information some organizations use to verify "you" for financial transactions. Anyone who is a target of identity theft isn't going to be saved by information you're expected to share with any merchant who asks for it.
A possible solution (Score:2)
What am I missing here?
legality of aiding in illgeal things (Score:2, Interesting)
is the opperator still required to facilitate the conversation and keep quiet? isn't that then like,
Re:legality of aiding in illgeal things (Score:2)
Big money maker for companies providing relay (Score:3, Insightful)
Relay companies get paid XX amount of dollars per day, assuming they can meet a certain service level. They have to answer calls queued into their system within a certain period of time. Every call that isn't answered is counted against their running total.
If a relay company falls below a certain percent (it's around 80% or so in a 24 hour period of time), they receive NO MONEY for that day. For the company I worked at, they had 1 day last year where they failed to maintain the standard. The amount of money lost for 1 day? Approaching $3 million according to management.
Anyone saying that business isn't a money making enterprise is full of BS.
Re:Big money maker for companies providing relay (Score:2)
You think you have it bad... (Score:3, Interesting)
It's really sad, but there will always be those whose work ethic embodies the tragedy of the commons to the fullest.
sites fighting the 419 scammers (Score:3, Informative)
Why? (Score:2)
I suppose the scammers realize their accents or (relatively) poor grasp of English might make the recipient of the calls suspicious, but it seems that TTY calls are rare enough to garner attention of their own. Are the scammers that short-sighted?
Or is it related to Penny Arcade's Greater Internet [penny-arcade.com]
Re:Why? (Score:2, Insightful)
First, I think you are right about the accents. Because the scammers are pretending to be Americans (possessing credit cards of Americans) they would have a harder time on the phone, with their accents. Also, the call is free, as best as I can tell. Finally, I think there is the additional degree of anonymity, because there is no call to trace. I can only conclude
I, sirs, am a relay operator. (Score:3, Informative)
BUT:
I work for MCI Worldcom as a relay operator. More specifically, the California Relay Service (CRS). Our center handles calls from IP-RELAY.com (so do the Arizona Relay, the Tennessee Relay, and the Wisconsin Relay, if anyone cares). So all day, it's prank calls and Nigerian scammers. There are a few deaf people using the service, but not many. The signal-to-noise ratio is much too low, so to speak. I make a few measly dollars and hour to put up with this sort of shit. (But at least the health benefits are okay)
It's always Ghanans and Nigerians. Every single fucking time. Not Koreans or Israelis or anyone else. Most are in Accra, Ghana.
They buy very few computers, despite what the article says. Mostly, they call printing shops to order blank T-shirts. I'm not really very sure why printing, silkscreening, and embroidery shops would even sell blank white T-shirts in the first place, but they do. Did I mention it's always XXL and XXXL shirts? Don't let those Sally Struthers commercials fool you; people in Ghana are fucking CHUBBY.
Today, it was wedding dresses. I'm curious why people don't get suspicious when someone wants to order 6 wedding gowns over the phone. Especially when they don't care what sizes or styles, just the price. Not extra large, though, oddly enough, so maybe they're not all as chubby as it seems.
Some days it's shoes. Some days it's designer perfume. Or gold wristwatches. And some days it is in fact computers.
And 99% of the time, the credit card is declined. And 90% of the time when that happens, the fucking moron at whichever shop I'm calling will actually ask the person if they have another card. They always have a spare, sometimes with a completely different name.
Things to look for, if you're a store:
- The scammer will always ask to have the shop run the credit card while they are on the line. This means, in stores with only one line, that the credit card machine will AUTOMATICALLY approve the card if it passes whatever obscure checksum process they go through. Nice trick.
- The scammer will, if pressed for a phone number, say that it's not currently working. They don't claim to be deaf and have no phone, which is actually pretty common among the deaf. Instead, they give a phone number with too many digits to be a US number, or an email address. This email address will be composed of a foreign-sounding name, but it will NOT match the name the person gave on the card.
- The total price will be just shy of $10,000 to avoid hitting the card's limit, OR it will be some multiple of that, and the scammer will have several cards.
So, every now and then the scammer gets someone to ship him something, be it a half dozen BMW radiators or a $9000.00 Bernina commercial grade sewing machine. He gets his payoff. Congratulations, you stupid sons of bitches, you've successfully stolen things. What do you do with the money?
You give it to terrorists, of course, so they can go to pilot school. Allah Akbar! (or whatever) Thank goodness for weak extradition treaties, otherwise this wouldn't be possible.
So do the executives at MCI know about all of this? Of course. The government is giving them a whole fucking load of money every day to keep the relay centers open. Hope it's worth it, guys. As for me, I'm out of there as soon as I get my book written (never).
Re:That's just cruel (Score:2)
It's also logical. Do you steal a lolly pop from a kid, or from a big-ass professional boxer?
I mean, you can't really expect thieves to have a superior sense of morality, do you...
Re:Doesn't surprise me (Score:2)
Re:DEAF AND DUMB (Score:3, Funny)
Re:DEAF AND DUMB (Score:2, Funny)
Re:TTY stands for (Score:2, Informative)