Slashdot Mirror


AT&T Concerned About H2K2

An anonymous submitter forwards this possibly-authentic note about today's H2K2 conference. If you're in the New York area and you love computers and nice hotels, come on down. Anonymous writes "So I get into work, and what do I find in my mailbox? Why, nothing less than a warning cautioning me to be very careful talking to people from July 12 to July 14. (Not me specifically, you understand, it went out all over). Full text follows."

****************************************************************
AT&T Network Fraud Advisory
July 11, 2002
****************************************************************
Possible Hacker Social Engineering Attempts
Friday July 12 - Sunday July 14, 2002
===================================================
Caution:
------------
Be careful about giving information to anyone you don't know and those making unusual information requests by claiming to be an AT&T employee or customer.

The H2K2 (Hackers on Planet Earth 2002) Hacker Conference will take place this weekend, Friday, July 12 to Sunday to July 14, 2001, [ed. note: 2001?] in New York City. This conference will be a gathering of over five thousand computer hackers, guest speakers, and computer enthusiasts. http://www.h2k2.net

In 1994, 1997 and 2000 at the previous Hope (Hackers on Planet Earth) Conferences, live demonstrations of "social engineering" techniques were performed in front of thousands of hackers and other attendees. The hacker panel dialed live into AT&T offices and centers and demonstrated how to get proprietary information by pretending to be an AT&T employee and customer. These calls were recorded and videotaped by the hackers and are sold as instructional material at future hacker conferences.

There is a very high likelihood that AT&T will be a target again this weekend. The social engineering contest is scheduled for Sunday July 14th, at 4 P.M. ET, (1 PM PT). During this period hackers may be dialing into AT&T to get information.

AT&T Network Security would like to warn our employees to be on guard this entire weekend for any unknown person calling and claiming to be an AT&T employee to request proprietary information or claiming to be an AT&T customer with unusual requests.

Remember, if anyone, who is unknown to you calls for proprietary information or make unusual requests, please follow your procedure by requesting additional information to ensure the person is who they say they are before giving out any information.

If the person is claiming to be an AT&T employee, please request name, callback and HRID #. Then verify through POST or the email global address list if the information is correct and even request to call the employee back at their contact number.

If the person is claiming to be an AT&T customer verify this by requesting additional info on their account like address and SS# and even request to call the person back at their contact number listed on the account.

Please be on guard for any unusual requests. Verify the person is an AT&T employee or a legitimate customer and if they have a need to know the information they are asking. If you can't verify employment or number, don't give out the information. If you are still in doubt regarding the legitimacy of the caller, then speak to a supervisor regarding the situation before proceeding further and inform the caller you will call them back. If you still have questions you can call the Security Hotline 1-800-822-9009.

Remember you do not want to be the lucky guest of honor on a telephone call from the hacker conference this weekend with thousands of hackers listening to you and attempting to scam AT&T out of proprietary information. Please be on guard.
- - - - - - - - - - - - - - - - - - - - - - - - -
Source: AT&T Network Security
*******************************************************************


  1. Editors, again.... by Anonymous Coward · · Score: 2, Informative

    It might be useful to indicate that the Anonymous Coward is an AT&T employee of some sort, not an AT&T customer that some might think of at first.

  2. Should be common practice by Bartmoss · · Score: 3, Informative

    This kind of behaviour should be common practice, really.

  3. Help, they are attacking me ! by FullClip · · Score: 2, Informative

    Now I would try to dial into the Security Hotline
    ("Security Hotline 1-800-822-9009") and
    to pretend to be an alarmed AT&T employee ;)

    Or dial someone from AT&T pretending to be
    from the Security Hotline.

    Social Engineering attacks are so easy ...

  4. Re:HA! Social Engineering! by Anonymous Coward · · Score: 1, Informative

    Hmm yes - especially as it took me approx 2 mins to find a valid HRID out there on the net...

    http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&q=hrid+santamaria

  5. Re:Editors, please.... by Truti · · Score: 2, Informative

    No No No No!
    Hackers and crackers are not the same persons.... If you are a cracker and come to H2K2 then you will be blamed so hard as you can't just say your own name....

    BTW: If some of them do I'm sure that they will report it.. If you do not report security bugs on systems you are just a simple Blackhat and nobody respects them.....

    Truti

  6. Number is legit by jloukinas · · Score: 2, Informative

    I called the 800# it is legit.

    J

  7. good thing this was posted by anon by jd142 · · Score: 5, Informative

    I bet AT&T would just love to get their hands on the person that posted this. AT&T did a very responsible thing: they saw a potential threat to the security of their customers, i.e., a lot of people who are reading this (and even if you don't pay AT&T directly, you might use their lines if you have a cable modem), and sent out a warning to remind their people. They included reminders of proper secure behavior. And what is the first thing an employee does? Leak the number and protocols to an outlet read by the people who are most likely to try and breach security. If you were my employee you'd get in some serious trouble.

    Many people who do the social engineering hack make fun of companies for having clueless employees or employees that don't follow basic guidelines. So for those few who make fun of AT&T for doing this, I'd say you can't have it both ways.

    We should be applauding AT&T for reminding their people of basic security precautions.

    1. Re:good thing this was posted by anon by Lando · · Score: 4, Informative

      Speaking as an ex-ATT employee. It's really not a problem with sending the memo out to the world...

      These are the standard policies that ATT uses to verify the authenticity of calls. It's nothing out of the ordinary, just a reminder to people that they should be verifying identity before they give out information.

      --
      /* TODO: Spawn child process, interest child in technology, have child write a new sig */

  8. Re:Some security! by Ageless · · Score: 3, Informative

    Uh, do you not have any utilities coming in to your home? Almost every single utility I have uses SSN and requires it for transactions.

    As for your statement. Your employer is not allowed to require your SSN but you are required to provide a way for them to tax you. That can be a tax id or something but doesn't have to be SSN.

    The difference is that if a company has a policy then they can choose to not do business with you. If you don't want to provide SSN, well, Long Distance isn't a right.

  9. Re:Hah by Patrick13 · · Score: 4, Informative

    ya know.... 800 numbers have global caller ID. I wouldn't recommend calling this number from, say, your workstation, at the place where you work for a living.

    --
    ::.. check out some Cell Phone Reviews

  10. Re:Some security! by ph0rk · · Score: 2, Informative

    and how often are you calling internal AT&T numbers posing as an employee? (perhaps rightly so).

    All the megacorps do this, if nothing else, simply because the company is so damn big the person has never heard of you, your manager, or your manager's manager.

    --
    semantics are everything!

  11. Evidence that this is fake by saforrest · · Score: 3, Informative

    Read this very similar AT&T warning about a 1998 DEF CON conference:

    http://www.defcon.org/TEXT/6/att-dc-6-alert.txt

    Unless AT&T has not changed its warnings in three years (unlikely) and such warnings have been leaked multiple times (more unlikely) this would seem to be a fake.

  12. Re:Some security! by sysadmn · · Score: 4, Informative

    If you had bothered to read the article, you'd note that it says that AT&T was burned by this in the past, and they'd like to avoid being burned again. I'd hardly call this "spurious" or "worthless".

    --
    Envy my 5 digit Slashdot User ID!

  13. Re:What a great fuss about nothing by Abraxis · · Score: 2, Informative

    mad (adj) Extremely, very, a large quantity.

    props ( propz ) (n) Compliments; kudos; statements of thanks; respect; esteem. An abbreviation of "propers" or proper respects. At an award ceremony the winner gives props: "And I would like to thank...".

  14. They do the same warning during DefCon by esseilte · · Score: 2, Informative

    Every year in Las Vegas, AT&T issues the same warning, and generally, every year, someone still succeeds at socially engineering some information from them.