[VoiceOps] h.323 breech and toll fraud case

Alex Balashov abalashov at evaristesys.com
Wed Jan 26 19:43:00 EST 2011


Carlos,

On 01/26/2011 06:20 PM, Carlos Alvarez wrote:

> 1. What is the scam here? The recipient of those calls doesn't gain
> anything, and placing a few calls to three specific satellite phones
> seems to have little purpose. Many of the calls were concurrent. It all
> happened in the span of just a few hours.

In my experience, generally speaking the scam is contingent on the party 
that's doing the hacking being involved on both sides.

They initiate the calls, but they are also in bed with whoever is taking 
the calls (or is a high-margin intermediary in completing the calls, 
depending on the cost structure of that particular destination and 
infrastructure).  Therefore, they get some non-trivial percentage of the 
charges kicked back to them in some fashion or another.

This is not an uncommon occurrence with telcos that run premium numbers 
or some special rural tariffs in other countries.  It's rather akin to 
rural ILEC access charge arbitrage / traffic pumping schemes in the US, 
in the sense that someone either shows up at the telco's door purporting 
to offer some sort of "free" service or "novel" business model that 
seeks profit sharing in the access revenue to make it work, or, for the 
more ballsy ones, dispense with any such pretense and simply conspire 
with the telco to game some calls in with false answer supervision or 
other blatant tomfoolery in return for a cut of the toll action.  The 
difference is that with costs in the several dollars/minute, there's 
just a lot more money to be made in other jurisdictions, not fractions 
of pennies.

-- Alex

-- 
Alex Balashov - Principal
Evariste Systems LLC
260 Peachtree Street NW
Suite 2200
Atlanta, GA 30303
Tel: +1-678-954-0670
Fax: +1-404-961-1892
Web: http://www.evaristesys.com/


More information about the VoiceOps mailing list