IP: a bit more on the Airport Telephone scam from Telecom Digest

[Dave Farber <farber () cis upenn edu>]

Subject: Airport Pay Phone Taps Used to Steal Calling Cards
Date: Sat, 4 Jul 1998 15:14:32 PDT
From: tad () ssc com (Tad Cook)




(This story has greater detail than the one recently on using 3-way
calling to steal calling card numbers.  tad () ssc com)


Airport pay phone taps used to steal calling cards


New York Times


NEW YORK -- Federal investigators said the scam was ingenious in its
simplicity: Five people in New York City would tap into public pay phones
at major airports across the United States, and then steal calling-card
numbers punched in by unsuspecting travelers.


After a seven-month investigation by the Secret Service, the scheme ended
last month with the arrest of four men and one woman.


The case, which investigators and telephone-company officials said is the
first of its kind in the nation, is only the latest machination in a $4
billion-a-year telephone-fraud industry that keeps reinventing itself.


"This is something new that we have not seen before," said Boyd Jackson,
the director of network security at AT&T Corp. and one of the industry
experts who helped federal investigators on the case. "And there is nothing
I am aware of that customers can do to fully protect themselves."


Federal investigators, who said that calling-card theft costs telephone
companies and consumers millions of dollars annually, have yet to establish
an exact figure for how much this scam netted. And because of the
scheme's simplicity, and the fact that a thief can tap into phones from
hundreds of miles away, the authorities are fearful of copycat crimes.


Mary Jo White, the U.S. attorney in Manhattan, whose office is prosecuting
the case, left open the possibility of more arrests, saying an investigation
was continuing.


Investigators said the suspects stole hundreds of calling-card numbers by
dialing into public telephones in O'Hare International Airport in Chicago,
Hartsfield International Airport in Atlanta, Houston International Airport
and Denver International Airport.


Federal documents say the scheme worked this way: The defendants would call
phones at the airports. When someone waiting to use a phone picked up a
ringing phone, they would hear what sounded like a dial tone, which was
activated when the suspects initiated the phones' conference-call feature.
Even if the caller was startled by the dial tone and hung up, the tap
remained activated for 15 seconds, ensnaring callers if they picked up the
phone again or if someone else waiting in line tried to use the phone.


Calling-card numbers that the victims punched in were recorded by the
suspects, who then would translate the tones back into corresponding
numbers using a device called a dial-number recorder, prosecutors said.
Such recorders are commonly available at electronics stores.


"This is the first time we have ever seen this type of setup with these
dial-number recorders," said Denise Gibson, a spokeswoman for the New York
City field office of the Secret Service. "Unfortunately, these are
well-known and readily available electronic devices."


After obtaining the calling-card numbers, thieves typically make a profit
by selling them on the black market to other criminals and unwitting
consumers.


The Secret Service, a branch of the Treasury Department that investigates
financial crimes, was tipped off to the scam by AT&T, Bell Atlantic
Corp. and MCI Communications Corp. after they received an unusually high
number of complaints from customers who had recently used their calling
cards in airports.


On June 18, Secret Service agents arrested Benito Lopez, Juan Morel, Miriam
Mercado Florian, Julio Olivo and Gladys Brito, all of New York. In the
suspects' apartments, investigators said, they confiscated dial-number
recorders, audiotapes, lists of public-telephone numbers and lists of
calling-card numbers.


The five suspects, who each could face a maximum of five years in prison
and a $250,000 fine if convicted of fraud, could not be located for
comment. They were arraigned and released on bail last week in U.S.
District Court in Manhattan, where they are scheduled to reappear for a
preliminary hearing July 20.


Federal and telephone-company officials said they were concerned about not
being able to prevent copycat crimes because under such a scam, a thief
does not have to be on location and there is no way for consumers to
differentiate between fake and real dial tones.


Calling-card scams began with the actual theft of cards. That scheme
was foiled by telephone companies providing customers with personal
security codes not printed on the cards. Thieves responded by glancing over
the shoulders of callers and writing down their calling-card numbers and
security codes as they punched them into telephones.


Telephone companies say they put a dent in this so-called "shoulder
surfing" by furnishing pay phones with automatic card readers, and plastic
shields and other measures to obstruct the view of potential thieves.


In recent years, more enterprising thieves have obtained calling-card
numbers and security codes by contacting customers and telling them they
were telephone-company operators who needed to verify their card numbers.


One federal official expressed a grudging admiration for the latest scheme.


"From a personal perspective, I thought it was rather ingenious," Gibson
said. "It has alerted us to a potential problem that we are sure other
criminals will be able to duplicate."