Sprint Cracks Down on TTY Relay Abuses 192
An anonymous reader writes "Sprint thinks it has found a way to keep West African scam artists from using Sprint's deaf-relay service to defraud people." Our previous two stories have background information.
Look at my posting history and explain -1 ? (Score:1, Interesting)
How come we don't hear of scammers from Cuba, Russia, Afghanistan, Iraq, Korea, or any of america's historical and/or current enemies? Is it a media thing to drop west african country names when they refer to these kinds of scam?
Does Nigeria really have a monopoly on scamming stupid americans? Are their organized crime mobs this pathetic that the best
Many people don't know about these scams (Score:1)
Explain what?? (Score:2, Informative)
Perhaps you have not gotten the 300+ Emails that I have gotten ... all people from or claiming to be from Nigeria. (There have been arrests for Nigerian scammers that are Europeans claiming to be from Nigeria). Thus 'Nigerian scam'.
Perhaps you are relegated to posting at -1 because of the inflamatory way in which you ask questions. Claim that three-digit area-codes could app
Area code? (Score:1)
(Em
Re:Look at my posting history and explain -1 ? (Score:2)
They do it from Nigeria because they can get away with it.
If you look through your inbox you will notice that pretty much all of the 419 scams ask you to assist in something you know will be illegial(tax evasion, identity fraud, outright embezzelment) in return for a large share of the loot.
When the Nigerian police get the call for help they simply regard it as one crook ripping off another and don't consider it worth their while.
So it's all pretty much a
Problem looks very familiar (Score:5, Insightful)
I think every popular web-based service dealt with this issue years ago, including Slashdot. I guess nobody involved in setting up the TTY relay services ever ran a message board?
"Obviously it's had the effect of cutting down these calls, but they're going to find new hosts and call back anyway... It's always going to be a cat-and-mouse game."
Or to put it in the Slash vernacular, a troll-and-moderator game.
Grodevant would prefer a system in which legitimate users register in advance to gain access to the system.
Again, Slashdot provides an example of a solution. Sometimes, you need to be anonymous. But creeps and crooks are among those who prefer anonymity. So you simply flag the calls: "You have a call from a registered TTY user" vs. "You have a call from an Anonymous Coward".
I can see why the telcos didn't put these protections in place from the beginning, though... preying on the disabled is about as low as you can get. The companies simply didn't realize that these bastards have to look up to even see "as low as you can get".
Re:Problem looks very familiar (Score:1, Insightful)
Re:Problem looks very familiar (Score:2, Insightful)
Re:Problem looks very familiar (Score:5, Insightful)
Remember those pesky laws that guarantee confidentiality of those whom are relegated to using relay services as their only means of communication with non-TTY enabled businesses. Those laws (of course) were written for TTY/vox relay and not Internet/vox relay. That's why the blocking has to be done PRIOR to 'connect'. They'll find open proxies and come from US based addresses soon enough (no disagreement with you there).
Anonymity with Visa? (Score:2)
That is to say, if somebody calls to use the TTY service without using a Visa, whatever, anonymous. If somebody calls to make a Visa purchase... his/her ID is tied to the credit card.
So the solution would really be to do some of the following:
a) Assign special ID's/passwords for those legit callers using the system, but have them required
Blocking IP addresses? Only a matter of time... (Score:5, Interesting)
===
Sprint spokesman Steve Lunceford, would not detail how Sprint is trying to block the calls other than to say the company is looking at problematic Internet-protocol addresses and finding ways to block them before calls go through to operators.
So far, the effort appears successful. The volume of Internet-relay calls has returned to the level it was in early January, before massive abuse of the system began, Lunceford said.
===
This is only a temporary fix. If they're blocking specific IP addresses, then the scammers will start using proxies. I suppose they could also start blocking anything from a proxy server, but there might be legitimate deaf people using Anonymizer or similar service that would no longer be able to get through.
Is it possible to tell whether a particular HTTP request is coming from a proxy server, without knowing the IP address? Perhaps there is a descriptor in the packet somewhere that says it is going to be forwarded beyond the "apparent" destination?
Re:Blocking IP addresses? Only a matter of time... (Score:4, Informative)
Re:Blocking IP addresses? Only a matter of time... (Score:2)
Re:Blocking IP addresses? Only a matter of time... (Score:2)
Re:Blocking IP addresses? Only a matter of time... (Score:2, Funny)
Re:Blocking IP addresses? Only a matter of time... (Score:1)
http://www.proxy4free.com/index.html [proxy4free.com]
And another one:
http://www.multiproxy.org/ [multiproxy.org]
Re:Blocking IP addresses? Only a matter of time... (Score:2)
I suggest you check up on how a DNSBL [wikipedia.org] works and find out about them. They publish a constantly updated list of such proxies and other things, mainly for filtering out spam but can be used to filter out anything you don't want from an open proxy using DNS protocols.
As you can appriciate, having a constantly updated list is preferable to a static list
Re:Blocking IP addresses? Only a matter of time... (Score:2)
Re:Blocking IP addresses? Only a matter of time... (Score:2, Interesting)
Why is it legitimate for deaf people to use an anonymizer. When normally-abled people place a phone call, they have no expectation of remaining anonymous, why should deaf people?
Re:Blocking IP addresses? Only a matter of time... (Score:5, Insightful)
Re:Blocking IP addresses? Only a matter of time... (Score:1)
But yes. There are times in which people expect to be anonymous when placing a phone call, and the deaf should be no exception.
Re:Blocking IP addresses? Only a matter of time... (Score:2)
Re:Blocking IP addresses? Only a matter of time... (Score:2)
What's that you say? I have a call from 213.122.57.107, host213-122-57-107.in-addr.btopenworld.com? Hmm, let me think.. no, I don't think that's an open relay, I'll accept!
Re:Blocking IP addresses? Only a matter of time... (Score:2)
Re:Blocking IP addresses? Only a matter of time... (Score:2)
The whistle-blower can still pass along juicy tidbits.... just have identification required for those making monentary transaction (again, CC = no anonymity).
They have the *same* expectation of privacy... (Score:2)
That is to say, unless a warrant has been already served for the purpose of tapping the line, no part of the call will be monitored or recorded. This is the expectation guaranteed by the law for everyone.
This system for the deaf requires an actual *person* to be involved in the process, as well as special equipment. The law protects the deaf user, requiring that the assisting person con
Re:Blocking IP addresses? Only a matter of time... (Score:1)
Re:Blocking IP addresses? Only a matter of time... (Score:1)
Why won't it be somewhat or even mostly effective? (Score:2)
So why won't this be successful?
Nigerian fraud. (Score:4, Funny)
Reduction in fraudulent sales overseas, I hope. (Score:5, Funny)
Wife: Honey, the deaf Nigerian man is on the phone and he wants another $10,000 worth of raw diamonds. He wants to put the order on five different credit cards.
Husband: Hot-diggidy! Another vacation in Malibu!
Re:Reduction in fraudulent sales overseas, I hope. (Score:2)
Husband: Hot-diggidy! Another vacation in Malibu!
The store wouldn't react that way. If they ship diamonds to the fraudster, they're going to get burned because those stolen credit card transactions might get approved at first, but will be charged back eventually. If they smelt fraud, they'd hang up and refuse the order...
Re:Unfortunately.... (Score:2)
Would a donut make you feel better?
Free Calls (Score:1, Troll)
Uh yeah simple... (Score:3, Funny)
Uh yeah simple...
You don't allow anyone from West Africa to purchase $30,000 or more worth of laptops from the US!
Duh.
Re:Uh yeah simple... (Score:2)
That's why spammers can keep going too. They only need a small fraction of payouts to win...
Of course... (Score:5, Funny)
Phone sex with a TTY operator relaying the action... ho, boy. I just hope that the operator in the middle's an uber-prim-and-proper woman who blushes like mad at the whole thing.
Re:Of course... (Score:2)
Re:Of course... (Score:5, Funny)
Re:Of course... (Score:1, Funny)
I started a free TTY call to one of the other payphones, where my friend picked up, and we pretended to be a couple having a really bad fight. Towards then end, the operato
Re:Of course... (Score:3, Interesting)
I was amazed to hear the guy at the local computer store tell me that they had problems with this. They were getting calls from people trying to order laptops with bad checks. He said they now ask the operator what areacode the caller is in and refuse any call not from the local area. I remember him saying that New York state was a big source of problems.
He also said that he expected this solution to be just a band-aid.
W00t (Score:4, Interesting)
Here's an idea.... (Score:1)
ie - deaf person contacts sprint operator, and proves he or she is deaf by faxing disability papers from the government. They now will have an account with Sprint's TTY service, and before using it, they simply call an 800 number and enter their social security number and PIN number they chose. This will generate a random password they can enter when making a TTY call that will expire 10 minutes after, or maybe after it is used
Re:Here's an idea.... (Score:3, Interesting)
Re:Here's an idea.... (Score:3, Interesting)
I suppose there's a risk that they wouldn't know if they'd dialed a wrong number, and therefore might start keying in their login/pin at an incorrect number. Scammers would likely start registering all of the one-off numbers around that 800 number. Plenty of phones these days do display the number as you dial it though, so that's not insurmountable.
Re:Here's an idea.... (Score:2)
Re:Here's an idea.... (Score:1)
Or maybe it still wouldn't work on a practical level, I'm really not that familiar with the situation. Still, it does seem like there ought to be a better solution than a blacklist.
Re:Here's an idea.... (Score:1)
What use is a phone call, Mr Anderson...
Re:Here's an idea.... (Score:4, Informative)
Re:Here's an idea.... (Score:3)
It's easy - the operator just has to call them back. If they answer the phone, they aren't deaf.
Re:Here's an idea.... (Score:2)
Re:Here's an idea.... (Score:2)
Mal-2
Re:Here's an idea.... (Score:2)
-RUsty
Back in the day... (Score:2)
Now, we suck it up and try to live with it, or work around it.
Has civilization taken a step forward, or a step backwards? Seriously.
Xentax
Short term solution (Score:4, Insightful)
So for an effective short term solution change these rules so that any operator who believes that it's a scam can (after some procedures have been followed) terminate the call.
I'm all for alternative solutions too, but this will make some headway into solving the issue. After the scammers know that you'll terminate the call as soon as it becomes evident then they'll look elsewhere.
Re:Short term solution (Score:3, Interesting)
Here on Slashdot, there's a strong "screw the rules" bent, as evidenced by the latest copy-protection crack [slashdot.org].
So I'm surprised nobody's suggested that the operators simply tell the obvious scammers to go take a flying leap. What's the scammer going to do, report them? "Hello, my name is, um, let's call me John, and the TTY operator
Perhaps... (Score:2)
Nah, that can't be it.
-Zipwow
Tough Issue (Score:2)
However, since use of this service is not a right, but a privilege, it seems fair to go ahead and throw out some of the babies, and let them get back in the bath on an individual basis. If you get blocked from using the service, there ought to be someone
Re:Tough Issue (Score:2)
Web site.
If you are a deaf nigerian, the odds are you don't have 30 grand. But if you did, you'd be able to scribble something for your brother/dad/uncle/cousin/business partner to the effect of: can you call this guy and buy the machines?
Again, it's like saying that a deaf american with 8 million dollars has to make a tty call to order 12 laptops from Dell. Yeah, I think he has an assistant.
Anyway, I think that using a TTY without being disabled should carry a hefty sentence.
Re:Tough Issue (Score:2)
Re:Tough Issue (Score:1)
TTYs are used for incoming as well as outgoing calls... Hearing people have many perfectly legitimate reasons to call using a TTY.
That being said, from what I know, most hearing people who have to call more than once will just buy the TTY box and be done with it.
Re:Tough Issue (Score:2)
The TTY Relay service is legally only usuable in the US. So, even if a deaf Nigerian wanted to order $30,000 of computers, they couldn't use the TTY Relay service.
-BrentRe:Tough Issue (Score:2)
Ah, well, I didn't know that, sorry. I should have used a different example. There are still going to be some false-positive results from any filtering system you could implement. But in this case it's well worth it, since most of the filtered calls really will be scams.
Do like we do for other countries (Score:3, Insightful)
I don't handle the finance end of things, but I would sugg
Re:Do like we do for other countries (Score:2)
No, the right answer is that all transactions from overseas must be paid with an international money order (postal or Western Union).
Period. No exceptions.
Re:Do like we do for other countries (Score:1)
Re:Tough Issue (Score:4, Informative)
Unlikely as it is, they have to pay with their own money... not stolen credit cards!
Our little site gets these Nigerians attempting to purchase with stolen credit cards. It's pretty easy to spot, as we've never has a legitimate order to Nigeria... but it's an annoyance.
Eventually, I ended up logging their IP numbers and now I just drop any packet that appears to have originated in Nigeria. Worked pretty well so far... might have to imclude open proxies if they start using them. For anyone else faced with the same problem, here's a little list:
Extremely minor nit (Score:2)
These look like typos--the third octet will get zeroed out by the netmask. Are you sure you entered them correctly?
No, it is a right (Score:2)
No, it is a right. It's required by the Americans with Disabilities Act. That's why turning it off for these scammers is so hard.
Re:No, it is a right (Score:2)
Re:Tough Issue (Score:2)
Re:Tough Issue (Score:2)
Yep, indeed. And these rich people often end up being in a coup, or are jailed/exiled in a power struggle, or just die of old age. Their wealth is almost always left laying around in a bank account or other financial institution, in a sort of financial limbo... leaving their heirs with no alternative but to seek out foreign assistance to seize those funds that are rightfully their inheiritance. These are good natured folks, of
Re:Tough Issue (Score:2)
As a general rule (although with some exceptions), rich people in poor countries have very little to do with capitalism.
Chris Mattern
Re:Tough Issue (Score:2)
How can you be rich without having anything to do with capitalism? What non-capitalist bank are you going to put your money in? What non-capitalist investments are you going to invest in?
I see what you mean, of course, which is that the fact that there are rich people in poor countries has little to do with the free market. But not all capitalism is free-market capitalism. Indeed, it could be argued that none of it is.
Besides, many of
Why is anonymity an issue? (Score:5, Insightful)
Why should it be different for people using TTY services? Provisions for anonymity only allow people to abuse the telephone system.
Re:Why is anonymity an issue? (Score:3, Insightful)
Re:Why is anonymity an issue? (Score:5, Insightful)
TTY users should have privacy in their calls, but that does not mean they should have complete anonymity to make such calls. Requiring them to register and login to TTY relay websites isn't any different from the rest of us having to give all our details to the telco to get a phone line. There's privacy in the calls, but not the fact we're making a call and to whom the call is made.
Re:Why is anonymity an issue? (Score:2)
Re:Why is anonymity an issue? (Score:2)
Operator: Hello, this is the righteous wrath of Red Front calling to order fertilizer.
What about deaf scam artists? (Score:1, Funny)
WHY SOME SCAM ARTISTS LIKE
TO SHOUT...
Here is an honest scammer:
DEAR MADAME
I AM DEF AND DISABLED DUE TO
A TERRIBLE TRAFFIC ACCIDENT
THAT OCCURED ON JULY 21ST IN
LAGOS CITY.
MY LEGS WERE PULVERISED WHEN
A BEER LORRY CAREENED OFF THE
ROAD AND INTO MY STALL.
I AM NOW REDUCED TO ENJOINING
FOREIGNERS WITH CONSIDERABLY
MORE WEALTH THAN MYSELF FOR
CERTAIN FORMS OF ASSISTANCE.
I DO NOT HAVE $50MM IN A BANK.
I DO NOT EVEN HAVE AN ACCOUNT.
BUT YOU ARE STILL WELCOME TO
SEND ME SOME MONEY. US$200
Just in case you have not heard about "419" (Score:4, Funny)
Yeah, but it's pretty sick sometimes... (Score:2)
(note: Image is safe for work. Contains no nudity or profanity. It merely contains a phrase that is utterly revolting and could cause nausea, vomiting and a desire to dig your eyeballs from your skull with a spoon if you understand the reference made in it).
hardware based challenge/response system (Score:5, Interesting)
I think the requirement for specialized hardware is the key to ending the abuse of the system. My idea would be to use a device, where the relay gives you code, and then you input it into the device, and it spits out a response. This would still keep the calls anonymous, but, would add a level of security to stop the scammers.
But now how will I know (Score:2)
Ummm... "internet protocol addresses?" 8) (Score:1)
What's this new "Internet-protocol address," and how do I get one?!?
Re:Ummm... "internet protocol addresses?" 8) (Score:1)
Re:Ummm... "internet protocol addresses?" 8) (Score:1)
Re:Ummm... "internet protocol addresses?" 8) (Score:1)
I think I need a Total Care Package to go with my Internet Protocol statement.
(still too subtle?
This is fine, but.... (Score:2)
Financial Survival of the Fittest (Score:3, Interesting)
One of the sites on my server is a classified ad site, and we've had several reports of people getting fleeced with the Nigerian forged-cashiers check overpayment scam. Again, why someone selling something would accept overpayment and then wire the difference back to the party or their agent is beyond stupidity. Ironically the best thing that could happen to these people is for them to get ripped off so some of that naivety will be summarily stripped from their barnacle-encrusted brains.
I'm not saying the scammers should be allowed to operate, but any action taken by "authorities" should be considered more of a favor for stupid people, than a responsibility. No amount of enforcement or technology will ultimately keep a fool and his money from being separated.
Re:Financial Survival of the Fittest (Score:2)
This isn't the point. The point is that the TTY operators are not permitted to drop the calls. But I do wonder about XYZ Company that spends a HOUR (example given many times) with theses scammers before terminating the call. I mean, since when can it possibly take more than 10 minutes MAX determini
SpamAssassin (Score:1)
Just send a message on occassion, with:
Blocked 299413 Spam and Transfered 0
That way people can "SEE" the difference.
Subsidized service = automatic abuse (Score:2, Insightful)
It is available for free to anyone, anywhere, 24x7.
They will even make long distance calls on your behalf.
Is anyone truly surprised that the system gets abused? Think about it. You, the taxpayer, are paying for scams, phone sex, student college jokes, and pizza. Is this how you want your tax dollars spent?
Input from a TTY veteran... (Score:3, Informative)
Mod parent down - troll (Score:3, Informative)
MOD PARENT DOWN (Score:2, Informative)
Parent is a karma whore.
Re:Sure this will stop West African scammers (Score:4, Informative)
Re:Sure this will stop West African scammers (Score:2)
Re:Sure this will stop West African scammers (Score:2)
Of course it is. You have all these rich businessmen dropping dead, leaving their money in your banks and not specifying any next of kin or leaving a will. I received two solicitations in a rwo for two different dead men's fortunes, each valued at $50,000,000!
(note: I'm pretty sure that the scammer in question, who claimed to work in a bank in South Africa, is actually in Nigeria. I have reasons for suspecting this beyond "all of them are in Nig
Re:Big question, however.... (Score:2)
Sorry but if that isn't fucked up then I don't know what is.
You seem to not realize what the service is intended for -- deaf Americans. To insure that deaf citizens are afforded the same privacy a non-deaf citizen would have on the phone the laws strictly forbid disclosing any information about the caller or call's contents