e-v-mail

Korova Multimedia

Up to the "Hoax du Jour" home page
(home page)


Updated info!
12/20/1998

AT&T's Web site:
The 9-0-# Phone Scam
Fraud Education
"Call forwarding scams" (residential)

RCMP: Theft of Telecommunications

Documented incident at the University of Texas at Austin, March, 1997

BBB "900 Phone Scam" alert, January, 1997

Reported notice in the the University of Washington staff newspaper ("Phone Fraud"), October, 1991


Public links to this specific article:
http://www.korova.com/virus/hoax980212.htm
Also: this page, print-friendly

Got a question? Try
"The FAQ du Jour"




Previous "Hoax du Jour" columns

The "Hoax du Jour" Index

A More Wretched Hive of Scum & Villainy

Children's Crusade

Lingering Misinformation

Viral marketing is Now.

The Grinch is Real

Call Now!
(Int'l phone scams)

"You're Never Gonna Believe This..."

The Word Macro Spam 'Bot

Calls to Overreaction

Remote Explorer of My Eye

Internet Access Charges & Taxation

The Fear of AIDS (Needles)

Toxic Tampons

Death Threats and Disney Trips

The AOL Hacker Riot II

The "90# Phone Scam" Alert

E-j-mail Extortion

Phone Slamming

AOL Cookie





Click here for the "Hoax du Jour" top-level page.

Related topic: you know what e-mail is. But do you know what "e-v-mail" is?

Related topic: rate your own Internet alert (or just-received warning from a well-meaning friend) against the Korova Drop-dead Internet Alert guide.

Computer virus protection If you're not using anti-virus software, you need to consider getting some, and soon. Click here to choose some from Amazon.com. If you're connected to the Internet with an "always on," broadband connection (cable modem or DSL), consider getting some firewall software, or a hardware solution for your entire home network.


About the "Hoax du Jour"

The "Hoax du Jour" is a recurring column providing updated information and commentary on the Internet community. It is a feature of Korova Multimedia's "e-v-mail" page.

What is a "hoax du jour?" With the advent of widespread use of the Internet as a medium for sharing information, the phenomenon of sharing misinformation has exploded. Conventional urban folklore and propaganda have blossomed on the Internet. Intentionally misleading information is broadcast on a professional and personal level.

On the Web, misinformation wants to be free. It also likes to be free of authenticity and corroboration, when such grounding deflates the credibility of the content.

The result? Naive users of the Internet are subjected to a daily barrage of data that are erroneous, slanderous, and sometimes even destructive. This page is dedicated to discussing intentional misinformation, or 'Net hoaxes.

Disclaimer The opinions expressed here are entirely my own, and do not reflect policy or intentions of any persons, groups or companies referred to or linked from this site. I, my guest writers, or Korova Multimedia are not responsible for content or sites linked to from the "Hoax du Jour" column.


Kudos and links for
the "Hoax du Jour"

About.com
("Best of the Net")

Computer Virus Myths
(recommendation)

The Curse of a Thousand Chain Letters
(recommendation)

Lycos Guide: Urban Legends
(Top Rated Site)

The Motley Fool
("striking a blow for rationality")

ProjectCool
(March, 2001)

Suite101.com
("three stars")


Also on Korova.com

Clean the hoax-y taste from your mouth with Nonstop Anonymous Monotonous Onomatopoeia, just for fun.

Get a fresh perspective with Korova Truth.

Think outside, way outside, of the box at ChromeJob.com.





Other anti-hoax resources

Korova Multimedia: "e-v-mail"

Rob Rosenberger:
Computer Virus Myths

DoE CIAC - Hoaxbusters

Barbara Mikkelson:
Urban Legends Reference Pages

David Emery:
About.com guide to Urban Legends & Folklore

HoaxKill Service


Urban legend and computer security books

by Jan Harold Brunvand
Click to order this title from Amazon.com
The Baby Train
The Choking Doberman
Curses! Broiled Again!
The Mexican Pet
The Truth Never Stands In The Way Of A Good Story

also:
Computer Security Basics (O'Reilly)

... or search Amazon.com for more books about hoaxes and urban legends...


Sponsor links:

February 12, 1998     

In the past couple of weeks, a convincing "phone scam alert" has spread through U.S. Government offices and the Internet. Though the seed of this net rumor is factual, the alert has been abridged and misquoted to the extent that it's alarming ... and inaccurate.

One version of the alert (posted on the newsgroup alt.folklore.urban) goes like this:

* High Priority **

On Saturday, 24 January 1998, Naval Air Station, Joint Reserve Base, New Orleans' Quarterdeck received a telephone call from an individual identifying himself as an AT&T Service Technician that was running a test on our telephone lines. He stated that to complete the test the QMOW should touch nine (9), zero (0), pound sign (#) and hang up. Luckily, the QMOW was suspicious and refused. Upon contacting the telephone company we were informed that by pushing 90# you end up giving the individual that called you access to your telephone line and allows them to place a long distance telephone call, with the charge appearing on your telephone call. We were further informed that this scam has been originating from many of the local jails/prisons. Please "pass the word".

Somehow this smelled like a net rumor, maybe even a hoax, since it follows the "Hook, Threat and Request" model that CIAC (http://ciac.llnl.gov/) identified in Internet chain letters and virus hoaxes.

I discussed this with AT&T's Network Security office (800-337-5373, security@att.com), which is referenced in some versions of the alert. The specialist I talked to had heard of the rumor, but discounted its validity as posted. He noted that it could conceivably be used against some common PBX systems. Here's how:

  1. On many PBX systems, 9 will access an outside line, 0 will request a local operator, and # ... well, most systems wouldn't know what to do with that #, so the call to the local operator would be CANCELLED*. It's conceivable that calling someone on a PBX, and asking the recipient to hookflash, then dial 90#, will give the caller an outside dial tone. The caller can now make long distance calls that are charged to the hapless recipient. (See "Inmate fraud" link.)

    [A writer on USENET informed me that this is a "call completion" code, which signals a PBX system that the number is complete, and initiates dialing. In essence, 90# would connect an internal line to the outside operator, and 900# would connect a line to an outside long distance operator (depending on the PBX being used).]

  2. This, of course, would require that


    • the recipient is on a PBX system that supports 9 for accessing an outside line,
    • the default "9" outside line has long distance dialing privileges (some systems require a different code to get the LD carrier) and
    • the recipient doesn't see through the obvious deception ("I'm an AT&T service technician, dial this code....") and just hang up.

It's possible. It can be used as a scam, but most likely on systems that the series of numbers is known to provide a long distance dial tone. The original alert, within a single Navy installation, has some validity. The resulting net rumor, though, infers that this "90#" code works anywhere. It just ain't so. Dialing 90# on a home phone won't do squat. As to whether the calls are typically originating from jails, AT&T's rep asserted that it's rarely possible for a convict to pull such a scam. (See the exception referenced in the links.)

To get to the bottom of the source incident, I called the Naval Air Station quarterdeck in New Orleans. The petty officer who was manning the watch cheerfully confirmed that they had a clearly posted warning at the desk matching the quoted text above almost word for word. Almost. He also looked up his log for January 24, 1998, and confirmed that the duty watchstander had received a suspicious call. But the text he read me had one critical element missing from the net posts ... I'll simulate the omission here:

 >  Service Technician that was running a test on our telephone
 >  lines. He stated that to complete the test the QMOW should

<snip> touch the LINE key [for an outside line], then <snip>

 >  touch nine (9), zero (0), pound sign (#) and hang up.

This procedure COULD give the caller an outside line on the base's phone system. What a surprise.



So the bottom line is that this warning has some validity for certain PBXes, but no way near the "alarm factor" danger for any and all phone systems. Your office or institution phone system may be vulnerable to this technique, or this kind of technique, or even some form of "social engineering" scam for abusing phone systems. But, folks, your home phones are safe from danger. As Rob Carlson posted on alt.folklore.urban, "Being able to use one single sequence on the variety of phone switches is as silly as expecting to run Intel machine code on a SPARC."

Here are several tips you can apply to minimize your risk to phone scams like the one prophecied in this net rumor.

  1. Don't give out personal information over the phone. This includes passwords, PINs (personal identification numbers) for your calling card or ATM card, your Social Security Number, home phone, address. Those who need this information should already have it, and often WILL NOT ask for it over the phone.
  2. Those who need to do "checks" and maintenance work on phones and computer systems ... don't need to ask you for access codes. They already have them, or don't need them.
  3. Phone technicians don't need user intervention to check equipment. Often, they don't even need to bother you at all, it's all done in the background.
  4. Be suspicious of strange callers who claim to be within your company, and need you to transfer them or perform some unusual function.
  5. Social engineers may ask you several innocuous questions before hitting the real question. Be suspicious of anyone who calls up to "confirm your information" and asks the obvious questions.
  6. When in doubt, get a return phone number where you can call the person back. Legitimate entities will provide a company number; hackers will often just hang up.


Update!

December  20, 1998     

This alert has resurfaced lately, just in time to ride the coattails of various returning rumors regarding Internet Access Charges & Taxation. In its new version, all the corroboration from the U.S. Navy has been replaced with a supposed personal account. Oddly, this makes it even less credible, but seems to appeal to the belief that a warning told in the first person "I" will be more believable.


David Spalding


© Copyright 1998 D.B. Spalding/Korova Multimedia. All rights reserved.

Contents
Contents

Music
Music

Film
Film

Books
Pubs

Computing
Computing

Consulting
Consulting

What's new?
New!

Map
Map

Bios
Whois?

Contact
Contact

FAQ
Help