Fraud against users by phone companies •
Cramming is the addition of charges to a subscriber's telephone bill for services which were neither ordered nor desired by the client, or for fees for calls or services that were not properly disclosed to the client. These charges are often assessed by dishonest third-party suppliers of data and communication service that phone companies are required, by law, to allow the third-party to place on the bill. •
Slamming is any fraudulent, unauthorized change to the default long-distance/local carrier or DSL Internet service selection for a subscriber's line, most often made by dishonest vendors desiring to steal business from competing service providers. •
False Answer Supervision is a misconfiguration of telephone company equipment, by negligence or design, which causes billing to start as soon as the distant telephone begins ringing, even if a call is busy or there is no answer. The cost is typically subtle but recurring as subscribers repeatedly pay some small amount for calls which were never completed.
Fraud against customers by third parties •
PBX dial-through can be used fraudulently by placing a call to a business then requesting to be transferred to "9-0" or some other outside toll number. (9 is normally an outside line and 0 then connects to the utility's operator.) The call appears to originate from the business (instead of the original fraudulent caller) and appears on the company's phone bill.
Trickery (such as
impersonation of
installer and telecommunications company personnel "testing the system") or bribery and collusion with dishonest employees inside the firm may be used to gain access. • A variant is a call forwarding scam, where a fraudster tricks a subscriber into
call forwarding their number to either a long-distance number or a number at which the fraudster or an accomplice is accepting
collect calls. The unsuspecting subscriber then gets a huge long-distance bill for all of these calls. • A similar scheme involves forwarding an individual PBX extension to a long-distance or overseas number; the PBX owner must pay tolls for all of these calls.
Voice over IP servers are often flooded with brute-force attempts to register bogus
off-premises extensions (which may then be forwarded or used to make calls) or to directly call
SIP addresses which request outside numbers on a gateway; as they are computers, they are targets for Internet system crackers. •
Autodialers may be used for a number of dishonest purposes, including
telemarketing fraud or even as
wardialing, which takes its name from a scene in the 1983 movie
WarGames in which a 'cracker' programs a
home computer to dial every number in an exchange, searching for lines with auto-answer data
modems. Sequential dialing is easy to detect, pseudo-random dialing is not. • In the US, owners of
customer-owned coin-operated telephones (COCOTs) are paid sixty cents for every call their users make to a
toll-free telephone number, with the charges billed to the called number. A fraudulent COCOT provider could potentially auto-dial 1-800 wrong numbers and get paid for these as "calls received from a payphone" with charges reversed. •
Autodialers are also used to make many short-duration calls, mainly to mobile devices, leaving a missed call number which is either premium rate or contains advertising messages, in the hope that the victim will call back. This is known as
Wangiri (literally, "One (ring) and cut") from Japan where it originated. •
809 scams take their name from the former +1-809 area code which used to cover most of the
Caribbean nations, since split into multiple new area codes, adding to the confusion. The numbers are advertised as offering services to callers in, typically, North America; they look like Canadian or US telephone numbers but are actually costly premium international calls that bypass consumer-protection laws that regulate
premium numbers based in the victim's home country. Some advertise
phone sex or other typically premium content. Ways to elicit calls include leaving unsolicited messages on
pagers, or making bogus claims of being a relative in a family emergency to trick users into calling the number, then attempting to keep the victim on the expensive call for as long as possible. A later version of the 809 scam involves calling cellular telephones then hanging up, in hopes of the curious (or annoyed) victim calling them back. This is the Wangiri scam, with the addition of using Caribbean numbers such as 1-473 (
Grenada) which look like North American domestic calls. • Pre-paid
telephone cards or "calling cards" are vulnerable to fraudulent use. These cards show an access number that can be dialed to bill worldwide toll calls to the card via a passcode printed on a particular card. Anyone who obtains the passcode can make calls charged to the card. •
Carrier access codes were widely misused by phone-sex
scammers in the early days of competitive long distance; the phone-sex operations would misrepresent themselves as alternate long-distance carriers to evade
consumer protection measures which prevent US phone subscribers from losing local or long-distance service due to calls to +1-900 or 976 premium numbers. This loophole is now closed. • In the US,
area code 500 and its overlays permit a "follow-me routing" in which, if the number has been forwarded to some expensive and arbitrary destination, the caller is billed for the call to that location. Similar issues existed with
area code 700 as the numbers are specific to long-distance carriers (except 1-700-555-4141, which identifies the carrier). Because of the unpredictable and potentially costly rate for such a call, these services never gained widespread use. •
Telemarketing fraud takes a number of forms; much like
mail fraud, solicitations for the sale of goods or investments which are worthless or never delivered and requests for donations to
unregistered charities are not uncommon. Callers often prey upon sick, disabled and elderly persons; scams in which a caller attempts to obtain
banking or
credit card information are also common. A variant involves calling a number of business offices, asking for model numbers of various pieces of
office equipment in use (such as photocopiers), sending unsolicited shipments of supplies for the machines, and then billing the victims at inflated prices. •
Caller ID spoofing is a technique used with many frauds to impersonate a trusted caller such as a bank or credit union, a law enforcement agency, or another subscriber. When the telephone rings, the number displayed as caller is the faked trusted number. These calls may be used for
vishing, where a scammer impersonates a trusted counterparty in order to fraudulently obtain financial or personal information. •
Call clearing delays, in some United Kingdom exchanges, could be abused to defraud users. For many years only the caller could disconnect a call; if the called party hung up the call it would not be disconnected. A thief would call a household and impersonate, for example, a bank or the police, and encourage them to call back, using a trusted number known to the victim. The caller could then play a recording of dial tone to trick the victim into thinking they were making a new call, while actually remaining connected to the original call; someone impersonating a bank or police officer would then come on the line. •
Cordless phones had additional vulnerabilities; with some models a
scanner radio could intercept analogue conversations in progress, or a handset of the same or a similar model as the target system may be usable to make toll calls through a cordless base station which does not authenticate calls. Obsolete analogue mobile telephones have stopped working in areas where the AMPS service has been shut down, but obsolete cordless phone systems may remain in service as long as analog telephony is supported. • A
scam involving Indian call centers targeting American or Canadian customers demanding "unpaid taxes" by impersonating government officials was reported in 2016. Similar government impersonation scams include the
SSA impersonation scam. • Every day, hundreds of scam calls are received on the US mainland which offer the recipients grant money from the Federal Government, but requesting a "small administration fee", although there are no fees associated with applying for or receiving a government grant. • During the 1980s, a common form of premium-rate fraud involved manipulating children (often through
television commercials, such as during
Saturday morning cartoons) to call a premium-rate number without their parents' knowledge or permission, sometimes going so far as to ask a child to hold the phone receiver up to the television set as it played
DTMF tones to automatically trigger the dialing of a premium number. Such practices are now illegal in the United States. • The
Can You Hear Me? telephone scam was alleged to be used in North America in 2017: the caller would ask a question with the answer "yes", then use a recording of the "yes" to make telephone transactions. • SMS pumping is a form of fraud where attackers exploit the messaging systems of businesses to generate revenue by sending high volumes of messages to premium-rate phone numbers. To achieve this, fraudsters target vulnerabilities in SMS gateways or APIs used by businesses for customer communication (such as verification codes or notifications messages). •
Payphones have also been misused to receive fraudulent collect calls; most carriers have turned off the feature of accepting incoming calls or have muted the payphones internal ringing mechanism for this very reason. •
Cloning has been used as a means of copying both the
electronic serial number and the telephone number of another subscriber's phone to a second (cloned) phone. Airtime charges for outbound calls are then mis-billed to the victim's cellular phone account instead of the perpetrator's. == See also ==