More on Scammers Abusing TTY Services
edward ericson writes "A more comprehensive look at IP Relay scams and their effect on relay operators, the deaf, US business and the relay providers like Sprint, AT&T and MCI. Unlike a previous piece in the AZ Star, this one shows that the problem is at least a year old, and estimates that the companies have earned at least $23 million by facilitating scams. Anyone here care to discuss IP blocking techniques?" See our previous story for more.
I work overnights in a call center, doing mostly tech support, but I am in a overflow buffer for a customer service/retail catalog. These calls are some crazy stuff. They take forever, the person is slow to respond, always wants the item shipped right now, before we run the credit card. It's always obscene amounts of stuff too. For example they may call and ask for one thing, and you say we are out, then they take the next item up, 5-10 of them. They are items that people would never buy more than 1 of, maybe 2. Does the company care? The outsourcing company doesn't, they are getting paid per call. The retailer, doesn't seem to care as much as they should. I don't know how various write-offs work, but my guess is they probably use this in their taxes, the fraud loss I mean. The relay(phone) companies need to put a stop to this.
I am currently employed by an online retailer. We've been dealing with this problem for at least TWO years. The basic scenario goes something like this: we receive an order placed online with an obscene total, next day shipping, a yahoo email addy, or a combination of other flags that tell us it's fraud. The credit card address verification always comes back "does not match" in these cases. Then we send them a polite email stating that we can't process their order any further until the address does match. Within minutes the call center receives a call from an IP relay operator. Occasionally, they don't identify themselves as IP operators. So we always ask "Is this an IP relay call?" So far, they've never denied it. (In the last two years we've documented ONE TTY call.) At this point we accept the call and then explain to the scammer that we can't accept IP relay calls and that they should send us an email. Shortly thereafter we get an email from a different yahoo account that reads like a 419 scam. It's fun.
Basically, the theory is that if someone is legitimately using the service, they're perfectly capable of sending email. The benefit is that we minimize the time spent dealing with scammers.
If anyone else has methods of dealing with this nonsense, I'd love to hear it.
What's likewise crazy about online fraud to me is the following scenario.
As an online merchant, we see online orders that are clearly fraudulent. But the credit card still goes through (we 'authorize' first which just deducts from your credit limit). We decide not to take the order; thus we don't do a 'capture' on the card that would deduct the money from the poor guy's credit card account. That way we avoid getting charge-backs that would ruin our merchant rating and that would cost us in the end anyway (if caught). But we do log that credit card # in our database. Sometimes SIX MONTHS LATER the fraudster will use that same credit card # on our site again and it is *still* being accepted by Visa/Mastercard!
This is a broken system. As a merchant, we have no way (that I know of) to warn Visa/MasterCard or the issuing bank or the card holder that the number is being used for fraud! (Besides just going ahead and charging the card, knowing its fraud.) Certainly not an automated way to do so in the same way that we connect to payment gateways. It's just not in Visa's/Mastercard's interest to put a system in place because at the end of the day, the merchant is liable.
I'm interested if anyone knows of a place where merchants can swap info about fraudulent cards or other fraud data.
--LP
There are some perfectly legal things they can do to make these calls as poor quality as possible. For example, relay operators are allowed to hand the call off to another operator (e.g., use the bathroom in the middle of a long call, etc). They can also speak the text with long pauses between words, etc. Driving the quality of service for these types of calls down would very quickly make the mark less willing to stay on the line. However, this would give the relay a bad name in the hearing community.
... No?... (stock explaination, follwed by) Please be aware that some calls placed through the relay are overseas fraud. Operators are not allowed to terminate calls but if you suspect fraud at any time, you may hang up..."
Alternatively, CAs are allowed to deliver a short instruction about the service. One could easily imagine a modification: "Have you ever used the relay before?