13-May-87 09:37:26-PDT,9010;000000000005
Date: Wed 13 May 87 09:02:24-PDT
From: Peter Neumann <[email protected]>
Subject: New Breed of Hustler: Selling Illicit Long-Distance Phone Calls
To: [email protected]

Source: an article by Robert D. McFadden, New York Times, 11 May 87

   NEW YORK - At bus and rail terminals and other places of anonymity in
cities across the country, a new breed of hustler has made an
appearance as the point man of a fast-growing, multimillion-dollar scam
selling illicit long-distance telephone calls.
   With the aggressive, sometimes faintly salacious phrases of hustlers
who sell sex and drugs, these high-tech vagabonds seek out prospective
customers at ranks of pay telephones with offers of calls of unlimited
duration at black-market rates.
   At the Port Authority Bus Terminal, in midtown Manhattan, hustlers
charge $2 for calls anywhere in the country and as little as $4 for
calls almost anywhere in the world. The hustlers do the dialing, using
billing codes stolen from long-distance telephone companies by computer
hackers and distributed through loose networks of middlemen in much the
same way that drugs are trafficked.
   The best customers are immigrants, shady entrepreneurs, and others who
know it is a crime but find it hard to resist what they call cheap
reliable, no-frills telephonic service. Like patrons of a drug pusher,
they wait for the hustlers, furtively buy calls and speak for hours to
faraway relatives, friends, and business associates.
   ''It's a serious business for all the telephone companies, including
us,'' said John Houser, a spokesman for MCI Telecommunications, one of
the long-distance companies that have arisen in recent years since the
breakup of the American Telephone and Telegraph Co.
   While total losses to the scam are unknown, experts say it accounts
for a substantial portion of the nation's $500 million annual cost of
illegal calls. Long-distance companies - and indirectly the millions of
clients who subscribe to them - are the victims. Neither the clients
nor the recipients of calls are charged for them because there is no
proof they were aware the calls were made fraudulently, officials say.
   Hundreds of phone hustlers have been arrested across the country,
including 190 in New York City alone last year, but the police assign
the scam a low priority in the pantheon of crime, and phone companies,
despite aggressive tracing efforts, have been overwhelmed by calls in
volume and by increasingly sophisticated methods of the hustlers.
   According to the Communications Fraud Control Association, an
independent group formed by MCI, U S Sprint, and AT&T in 1985 to fight
crimes involving communications, the phone hustlers gravitate to the
action - especially in cities with large immigrant populations.
   Rami S. Abuhamdeh, the association's executive director, said the
fraud had mushroomed in the last two years with the growth of
long-distance telephone companies like MCI and U S Sprint, whose
billing codes and interdependent dialing systems have been found
particularly vulnerable by communications crooks.
   The fraud usually begins with a computer hacker, and investigators say
the culprits are not just the stereotypical goggle-eyed teen-age
whiz-kids playing around between sessions of Pac Man and Pole Position.
   ''Years ago,'' said Del Wnorowski, the general counsel of U S Sprint,
''we thought these were just computer whizzes. But now we're finding
out there are housewives, doctors, and lawyers who are hacking codes
out of the system to sell.''
   Penetrating a telephone company's electronic files and extracting
secret billing codes - the numbers it uses to determine who makes a
call and whom to bill - is a difficult but not insurmountable task for
a hacker with a relatively simple program and a telephone-modem hookup.
   To hackers, most billing codes are too much trouble to ferret out. Of
MCI's 8 million customers, for example, 7 million use their home
numbers as well as a four-digit suffix, so a hacker would have to crack
a 14-digit code. But 1 million still make calls on an old system -
slowly being phased out - using five-digit codes, and these are
vulnerable.
   The hacker has his computer call MCI, for example, using one of the
seven-digit numbers that patrons normally call to gain access to a
long-distance line. These access numbers are widely known among
hackers. Once on a line, a hacker, like a legitimate customer, dials an
area code and number, and then adds a five-digit billing code.
   Each MCI access number is assigned 100,000 billing codes, and there
are scores of access numbers in use around the country. This allows for
millions of billing codes, only a fraction of which are in use. Other
companies use different systems. U S Sprint, for example, has customers
over the country dial a single access number from pay phones, followed
by a nine-digit code for billing.
   Legitimate customers each have a personal billing code, so the company
knows who is calling and whom to bill. Without a valid billing code,
the telephone equipment will not put the call through. Hackers seeking
billing codes set their computers searching for them.
   Since there are only 100,000 combinations of five-digit numbers on
each access line, a hacker just has his computer ''crunch'' through the
possibilities, one after the other. When a call goes through, it means
the computer has hit upon a valid billing code and the computer records
it. Running the program a little while, investigators say, produces
numerous codes.
   The hacker then sells the codes in batches to middlemen, usually
people who are contacted through computer billboard services, and they
are distributed to hustlers. The price for a single billing code is up
to $400, Wnorowski said.
   Hustlers must act fast to capitalize on their investment, for the life
of a stolen code is short, perhaps only a few days. That is because the
phone companies, cracking down on fraud, watch for any sudden surge in
calls made on a code number. If the code's owner has not made the
calls, the code is quickly cancelled.
   The hustlers' procedure is simple, as shown on a recent day at the
Port Authority Bus Terminal. After agreeing to a price, a customer gave
a hustler the desired number and he dialed it, along with the telephone
company's access number and a billing code.
   When the party answered, the hustler collected his money, handed over
the receiver and left. When the call was over, he was back to offer
another call. During one complex call, he had to summon a nearby
''supervisor'' to instruct him in dialing procedure.
   Long calls to California and Massachusetts were $2 each. For $4, calls
were placed abroad for two West German women, a man from Ecuador,
several West Indians, and several Americans. For $4, the hustler sold
an American a five-digit number that he said was a valid billing code
to call anywhere in the world, but it later proved useless.
   Investigators said hustlers sometimes sold codes in their dying hours
of usefulness. But such offers were suspect, they said, because
surrendering valid codes only hastened their demise.
   Because many long-distance companies are not equipped to reach all
countries abroad, investigators say, it is sometimes necessary for a
hustler to use a more complex method of patching a call through. This
involves a confederate, often in another city, using special equipment
to tap into an AT&T long-distance line to complete the call abroad.
   These clandestine ''operators,'' each used by a network of hustlers in
various cities, also use stolen billing codes to complete calls. In
March, Rafael Rodriguez was sentenced to 20 months in jail and fined
$20,000 on charges of running a discount call service in an apartment
in the Washington Heights section of Manhattan.
   Carl H. Loewenson Jr., a federal prosecutor who handled the case, said
authorities who raided the apartment found seven telephones, a
mechanical device for tapping into AT&T long-distance lines, and 107
stolen billing codes. Rodriguez was said to have sold $150 calls,
typically to Dominicans calling their homeland, for $10 to $15.
   Telephone companies say they are aggressive about tracing illegal
calls, hackers who steal codes, and clandestine operators. A variety of
equipment - from alarms that go off when a long-distance line is tapped
to software that detects high-volume on billing codes - is being used.
And five-digit codes are being phased out for harder-to-steal codes.
   But telephone companies competing for customers are reluctant to make
billing code systems more complicated, and they are simply overwhelmed
by the volume of illegal calls.
   ''There are a lot of entrepreneurs out there who want to create their
own telephone companies,'' said Abuhamdeh. ''The way the system is set
up now, they can do it.''

You are viewing proxied material from gopher.quux.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.