Re: Carriers need to independently verify LOAs

[Joe Greco <jgreco () ns sol net>]

On Mon, Apr 19, 2021 at 01:20:22PM -0400, Sean Donelan wrote:
> On Sat, 17 Apr 2021, Eric Kuhnke wrote:
> > Anecdotal: With the prior consent of the DID holders, I have successfully
> > ported peoples' numbers using nothing more than a JPG scan of a signature
> > that looks like an illegible 150 dpi black and white blob, pasted in an
> > image editor on top of a generic looking 'phone bill'.
>
> All carriers should independently verify any LOAs received for account 
> changes.
>
> Documents received from third-parties, without independently verifying 
> with the customer of record, using the carriers own records, are just junk 
> papers.
>
> Almost no carriers verify LOAs by contacting the customer of record. 
> Worse, they call the phone number on the letterhead provide by the scammer 
> for "verification."

Presumably we're kinda talking about a problem parallel to the
Internet ASN/IP space LOA problem here.

It would be awesome if there were a nice easy way to identify the
responsible parties, so you could figure out WHOIS the appropriate
party to contact.  If you've ever tried Googling a company with a
hundred thousand employees, calling their contact number on the Web,
and getting through to anybody who knows anything at all about IT,
well, you can spend a day at it and still have gotten nowhere.

It's too bad that this information is so frequently redacted for
privacy.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"The strain of anti-intellectualism has been a constant thread winding its way
through our political and cultural life, nurtured by the false notion that
democracy means that 'my ignorance is just as good as your knowledge.'"-Asimov