Slashdot Mirror
Sprint Cracks Down on TTY Relay Abuses
An anonymous reader writes "Sprint thinks it has found a way to keep West African scam artists from using Sprint's deaf-relay service to defraud people." Our previous two stories have background information.
Can someone tell me what's up with these west african countries? Nigeria for example, it's all over the scam radar, their area code is synonymous with scam.
How come we don't hear of scammers from Cuba, Russia, Afghanistan, Iraq, Korea, or any of america's historical and/or current enemies? Is it a media thing to drop west african country names when they refer to these kinds of scam?
Does Nigeria really have a monopoly on scamming stupid americans? Are their organized crime mobs this pathetic that the best they can come up with is phone and email scams? Why can't they go into drug trade or union corruption like a *real* mafia would?
But one former MCI relay operator said blocking internet addresses will only be a temporary obstacle for abusers of the Internet-relay system. That's because the scam artists can continuously find alternative Internet-protocol addresses...
I think every popular web-based service dealt with this issue years ago, including Slashdot. I guess nobody involved in setting up the TTY relay services ever ran a message board?
"Obviously it's had the effect of cutting down these calls, but they're going to find new hosts and call back anyway... It's always going to be a cat-and-mouse game."
Or to put it in the Slash vernacular, a troll-and-moderator game.
Grodevant would prefer a system in which legitimate users register in advance to gain access to the system.
Again, Slashdot provides an example of a solution. Sometimes, you need to be anonymous. But creeps and crooks are among those who prefer anonymity. So you simply flag the calls: "You have a call from a registered TTY user" vs. "You have a call from an Anonymous Coward".
I can see why the telcos didn't put these protections in place from the beginning, though... preying on the disabled is about as low as you can get. The companies simply didn't realize that these bastards have to look up to even see "as low as you can get".
Stressed? Me? Of course not. Stress is what a rubber band feels before it breaks, silly.
===
Sprint spokesman Steve Lunceford, would not detail how Sprint is trying to block the calls other than to say the company is looking at problematic Internet-protocol addresses and finding ways to block them before calls go through to operators.
So far, the effort appears successful. The volume of Internet-relay calls has returned to the level it was in early January, before massive abuse of the system began, Lunceford said.
===
This is only a temporary fix. If they're blocking specific IP addresses, then the scammers will start using proxies. I suppose they could also start blocking anything from a proxy server, but there might be legitimate deaf people using Anonymizer or similar service that would no longer be able to get through.
Is it possible to tell whether a particular HTTP request is coming from a proxy server, without knowing the IP address? Perhaps there is a descriptor in the packet somewhere that says it is going to be forwarded beyond the "apparent" destination?
Homestarrunner.net -- It's Dot Com!
I guess we will just have the Nigerian fraud to keep us company. Glad that one will never go away. Ive almost come to enjoy seeing emails with it in the message. sigh...
Party at O'zorgnax's Pub! Buy me a Slurmtini aye?
I hope we'll be seeing a reduction in scenarios like the Midwestern couple who owns a jewelry store:
Wife: Honey, the deaf Nigerian man is on the phone and he wants another $10,000 worth of raw diamonds. He wants to put the order on five different credit cards.
Husband: Hot-diggidy! Another vacation in Malibu!
You are in error. No-one is screaming. Thank you for your cooperation.
I hope this doesn't mean no more free calls ;)
Sprint thinks it has found a way to keep West African scam artists from using Sprint's deaf-relay service to defraud people
Uh yeah simple...
You don't allow anyone from West Africa to purchase $30,000 or more worth of laptops from the US!
Duh.
It's a cut-and-paste of a comment from a previous story
You're telling me these have been scams all along?! Oh boo...
There's more fun things to do with a TTY operator than just 419 scams.
Phone sex with a TTY operator relaying the action... ho, boy. I just hope that the operator in the middle's an uber-prim-and-proper woman who blushes like mad at the whole thing.
Striking fear in the authors of godawful fanfiction, I am here, appearing in darkness, Tuxedo Jack!
No, it's something I typed after the article text. Is it a crime?
The "Props to Gay N*****" part probably... article texts should be posted as anonymous anyway.
The only purpose of the post was to get karma while using that sig. It's a troll.
These TTY scams take up a ton of time for the person who answers the phone. We get about ten TTY scam calls per week, and about 1 legit deaf call per month. That adds up to a lot of wasted time.
Implement a one-time password that expires after X minutes of generating it.
ie - deaf person contacts sprint operator, and proves he or she is deaf by faxing disability papers from the government. They now will have an account with Sprint's TTY service, and before using it, they simply call an 800 number and enter their social security number and PIN number they chose. This will generate a random password they can enter when making a TTY call that will expire 10 minutes after, or maybe after it is used once.
i realize this information can be used by scammers who steal it in whatever way, but it should cut down on the total number of scammers, by quiet a bit too.
...this was the sort of thing that could provoke an international incident, even a war. Though, I'll concede Helen of Troy might have a bit more literary appeal than Joe Bloe Nigerian Scammer Dude.
Now, we suck it up and try to live with it, or work around it.
Has civilization taken a step forward, or a step backwards? Seriously.
Xentax
You shouldn't verb words.
As a South African, let me assure you we are annoyed by West African/Nigerian just as much as anywhere in the world. Arguably Xenophobia (against Nigerians) is today a larger problem todya then racism was for us in the past.
...is how it can be illegal to report illegal activity. I mean, if I use this service to, say, hire a killer to get rid of my annoying wife, then there's nothing they do about it?
Sorry but if that isn't fucked up then I don't know what is.
Comment here.
So for an effective short term solution change these rules so that any operator who believes that it's a scam can (after some procedures have been followed) terminate the call.
I'm all for alternative solutions too, but this will make some headway into solving the issue. After the scammers know that you'll terminate the call as soon as it becomes evident then they'll look elsewhere.
Avantslash - View Slashdot cleanly on your mobile phone.
Not worth my karma points.... :)
It took you an HOUR to figure this out and cut it "short"?
It would have been MAYBE a 30 second phone call with me. MAYBE.
Wow, lay off the caffeine. You're being hypersensitive and wasting too much time reading your past posts, hoping to whore some karma.
have to register with the government? I know of a government that tried that once ... Nazi Germany. (Godwin's Law, this tripe (dupe, but 3x) is over)
It should be noted that the above post is ripped from the previous article, and was originally posted by n1ywb. The original post can be read here.
Parent is a karma whore.
What part of "shall not be infringed" is so hard to understand?
However, since use of this service is not a right, but a privilege, it seems fair to go ahead and throw out some of the babies, and let them get back in the bath on an individual basis. If you get blocked from using the service, there ought to be someone you can call to establish that you are using it for legitimate purposes. As long as they have that, seems to me they can implement whatever filters they see fit.
My site: Free Nature Pictures
Whenever I make a telephone call, for whatever purpose, it is associated with my telephone number. Thus, I am accountable for the use of my communications equipment.
Why should it be different for people using TTY services? Provisions for anonymity only allow people to abuse the telephone system.
Unfortunately, we will se NO reduction in lame jokes from Californicates and New Yuckers like you...
AFTER ALL THIS MIGHT EXPLAIN :)
WHY SOME SCAM ARTISTS LIKE
TO SHOUT...
Here is an honest scammer:
DEAR MADAME
I AM DEF AND DISABLED DUE TO
A TERRIBLE TRAFFIC ACCIDENT
THAT OCCURED ON JULY 21ST IN
LAGOS CITY.
MY LEGS WERE PULVERISED WHEN
A BEER LORRY CAREENED OFF THE
ROAD AND INTO MY STALL.
I AM NOW REDUCED TO ENJOINING
FOREIGNERS WITH CONSIDERABLY
MORE WEALTH THAN MYSELF FOR
CERTAIN FORMS OF ASSISTANCE.
I DO NOT HAVE $50MM IN A BANK.
I DO NOT EVEN HAVE AN ACCOUNT.
BUT YOU ARE STILL WELCOME TO
SEND ME SOME MONEY. US$2000
WOULD BE WELCOME.
NOTE I AM DIRECTING THIS THRU
SPRINT BECAUSE I DID NOT GO
SCHOOL AND CANNOT WRITE.
THE OPERATOR HAS KINDLY PUT
EVERYTHING INTO CAPITALS SO
THAT YOU CAN HEAR ME BETTER.
SIGNED
OBAY D. OBASANJO
Kids in my highschool used to have phone sex over that system.
Wonderful scam on scammers: check this out - Ha ha ha ha . Some guy out there is a genius, funniest site in years.
Here.
I think that the scams are more effective if they come from a conutry that people don't automatically associate with crime/scams. Obviously if you are aware of these scams you will associate Nigeria with these, but you are not their targets. If Joe@AOL gets an email asking for money to be sent to Russia, he may think twice.
LIVE, Love, die
REFUSE to accept credit card transactions for non-U.S. customers (primarily those in nations well-known as scamming bases). If they want $30,000 in laptops, they can handle the banking necessary to get a loan and make a wire transfer. Also, the symptoms of these scammers is that they seldom have clear descriptions of what they want. I don't know a single legitimate business that would fork out $30,000 for "whatever your most expensive laptop is".
I don't handle the finance end of things, but I would suggest calling the bank and reporting such a suspicious transaction. The bank then calls the customer and verifies that the intended purchase is legitimate. This would hamper these guys in two ways: You wouldn't accept the card and now the legitimate card-holder knows the number is stolen.
BTW -- what are credit card companies doing to deal with these scammers? How can that many stolen credit card numbers (with those kinds of balances) exist and not have MasterCard or Visa heavily on the tails of the perps?
I was taking one day at a time, but then several days got together and ambushed me. (from a Rhymes with Orange comic)
Uh no, a "-1, Troll" is definitely different than a "-1, Overrated".
Overrated's don't go into metamod, overrated's are less stigmatizing than Trolls, Overrated is spelled differently, etc. I could go on for a few hours.
Perhaps you have not gotten the 300+ Emails that I have gotten ... all people from or claiming to be from Nigeria. (There have been arrests for Nigerian scammers that are Europeans claiming to be from Nigeria). Thus 'Nigerian scam'.
Perhaps you are relegated to posting at -1 because of the inflamatory way in which you ask questions. Claim that three-digit area-codes could apply to Africa *they don't*, and seem to imply that there is a conspiracy against Nigeria (which is the origination of the classic Nigerian scam). Read the FAQ I linked above and educate yourself.
Also, if you want Karma Whore, check out Lost Cluster. Two out of his most recent 35 comments are below 1.
In the past, anyone who needed to use the tty system had to own a piece of hardware to communicate to the relay, however, now with internet based relay calls, they only need to access a computer hooked up to the net.
I think the requirement for specialized hardware is the key to ending the abuse of the system. My idea would be to use a device, where the relay gives you code, and then you input it into the device, and it spits out a response. This would still keep the calls anonymous, but, would add a level of security to stop the scammers.
When my obscure relatives who were involved with shady deals die?
(From the article)
...the company is looking at problematic Internet-protocol addresses and finding ways to block them
;)
What's this new "Internet-protocol address," and how do I get one?!?
Diplomacy is the art of saying, "Nice doggie!" until you can find a rock.
A person from Nigeria is Nigerian. Someone from Niger is Nigerien. Note that the first i is long, and the g is a j sound, like "general," not like "good," so it doesn't sound even remotely like "nigger."
When is it that Sprint is going to educate and "empower" their phone operators to cut off the scandalous calls? This kind of action, I feel, would have a more daunting effect on 419 trollers.
This sig no verb.
Oh absolutley. What with the blacks being virtual slaves to the charming, piggy-eyed Boers.
Yep a few scam emails is far worse.
I still don't understand why people fall for these scams. As far as I'm concerned, it's a litmus test for stupidity. Anyone foolish enough to ship $30k worth of equipment to a person they don't know in a foreign country without checking the integrity of the transaction deserves to lose their money and learn from the experience.
One of the sites on my server is a classified ad site, and we've had several reports of people getting fleeced with the Nigerian forged-cashiers check overpayment scam. Again, why someone selling something would accept overpayment and then wire the difference back to the party or their agent is beyond stupidity. Ironically the best thing that could happen to these people is for them to get ripped off so some of that naivety will be summarily stripped from their barnacle-encrusted brains.
I'm not saying the scammers should be allowed to operate, but any action taken by "authorities" should be considered more of a favor for stupid people, than a responsibility. No amount of enforcement or technology will ultimately keep a fool and his money from being separated.
It strikes me that this is a crime that's decidedly low-tech, not high tech, and that the people behind it don't have the resources or skill to scan for open proxies or other methods of subterfuge to accomplish it.
So why won't this be successful?
Hahhaaaa, you stupid Karma Whore, thought you would get points out of this????
No, it is a right. It's required by the Americans with Disabilities Act. That's why turning it off for these scammers is so hard.
Today is Freedom Day (10 years of democracy) in South Africa, we inaugurated our third democratically elected president (Thabo Mbeki, this will be his second term - 2 terms is the maximum allowed by our constitution). The election was totally peaceful, and has been declared free and fair both by the Independant Electoral Commission and several international monitoring organisation. Note: No hanging chads! No offense: your a couple of years out of date. It is true that we achieved "regime change" by peaceful means, and thus Afrikaaners (also know as Boers about 100 years ago) are still in relatively good positions. Our economy is in much better position then ever before.
Liberty in your lifetime
:-) Works for my email. Why not for a TTY? Heck they are probably sending the same message they send to my inbox numerous times.
Just send a message on occassion, with:
Blocked 299413 Spam and Transfered 0
That way people can "SEE" the difference.
Scott Carr
I think that one of the most disgusting images on the 'net can be found at that site.
(note: Image is safe for work. Contains no nudity or profanity. It merely contains a phrase that is utterly revolting and could cause nausea, vomiting and a desire to dig your eyeballs from your skull with a spoon if you understand the reference made in it).
STOP MISUSING APOSTROPHES, YOU MORONS!!!
Our economy is in much better position then ever before.
Of course it is. You have all these rich businessmen dropping dead, leaving their money in your banks and not specifying any next of kin or leaving a will. I received two solicitations in a rwo for two different dead men's fortunes, each valued at $50,000,000!
(note: I'm pretty sure that the scammer in question, who claimed to work in a bank in South Africa, is actually in Nigeria. I have reasons for suspecting this beyond "all of them are in Nigeria". I'm just being silly here)
STOP MISUSING APOSTROPHES, YOU MORONS!!!
The IP TTY relay service costs taxpayers $1.39 per minute.
It is available for free to anyone, anywhere, 24x7.
They will even make long distance calls on your behalf.
Is anyone truly surprised that the system gets abused? Think about it. You, the taxpayer, are paying for scams, phone sex, student college jokes, and pizza. Is this how you want your tax dollars spent?
The next pasture is always greener
that laugh was worth +5 to me. gutless deaf lovers modded you down to -1 and YOU WERE ON TOPIC
While relay is anonymous (just as anonymous as a person-to-person call) - that means just like any other person to person call, the local police can still order a search warrant for your IP address. Then the Police will still knock on your door in short order, and you will be arrested (after your computer has been searched for evidence of tampering/open relay, etc).
So, you can talk-the-talk, but if you did something like this and got away with it - you were going through at least one more layer of obfuscation. Otherwise, you probably aren't at your computer anymore to get this reply... (Hi officer - I tried to tell him he's being stupid).
Kinetic stupidity has a new brand leader: Allen Zadr.
Disabled people using this system have (and should have) the same expectation of privacy that normally-abled people do.
That is to say, unless a warrant has been already served for the purpose of tapping the line, no part of the call will be monitored or recorded. This is the expectation guaranteed by the law for everyone.
This system for the deaf requires an actual *person* to be involved in the process, as well as special equipment. The law protects the deaf user, requiring that the assisting person conduct themselves in specific ways, specifically regarding their memory of the call as inadmissable in court, and unusable for any purpose. This assures the deaf user the same expectation of privacy as the hearing user.
It's all about equality. Now, if you're willing to give up *your* expectation of privacy in order to fix this system, that's another discussion altogether.
-Zipwow
I don't know which is more depressing, that 2/3 didn't care enough to vote, or that 1/2 of those that did are crazy.
Perhaps all the /.'ers realized that the first time some operator made a mistake, flagging a deaf school adminstrator buying laptops perpahs, that they'd be in violation of the federal law applying to these operators?
Nah, that can't be it.
-Zipwow
I don't know which is more depressing, that 2/3 didn't care enough to vote, or that 1/2 of those that did are crazy.
I am somewhat familiar with the deaf world (definitely moreso than hearing folks). What if you have 1 or 2 deaf friends? Is it worth it to spend 300-700 dollars (US) on a device that only can call them, and that may not work calling internationally, in Texas (some TTYs sold in Texas use "TurboCode", not Baudot), etc?
The first internet call of the day I get, I type my little phrase and the person types back (after 1-2 mins of delay which is a clear sign they are far away) New York, USA. I outdial to some electronics store and the guy starts with his scam and then adds... and could you please give me the total including shipping to Nigeria. I fucking hung up. Yes, I hung up on the fucking electronics store, then hung up on the Goddamn bastard Nigerian. FCC can lick my balls. I was really fucking pissed off.
I could get fired. I could also get thrown in jail for punching someone in the nose, but that wouldn't stop me if they started talking shit about my mom. You can only push people so far. I'm not even supposed to be talkign about this but I am so frustrated you can't imagine. Most deaf people don't even use Sprint Relay Online.
It's a fact I can't remember the last time I took a call through Sprint Relay Online that wasn't fraud, or some idiot doing a prank call. They might as well just unplug that fucker.
Radiohead, Peter Gabriel, local 974(Peoria, IL, USA) needs your help. You can never go home but you can have a good time where your at. We love ya. local 974
Thanks Slashdot, we've always known you were goood people. I can see it. I can see IT.
Well duh. Dunno why my brain didn't think of the obvious. Was pretty tired at the time, lol.
I worked for one of the internet relay companies for a year and a half. The nature of the service really prevents a lot of options that seem common sense to techies unfamiliar with the ADA (Americans with Disabilities Act). The internet service needs to emulate the anonymous call setup - no logins, IDs, etc., unless you want to profile yourself or use spell dialing. Registration isn't allowed. The services can (but often don't) block IP ranges, but I think we all know how easy that is to get around. Using a proxy with a dial up connection from Africa makes the service incredibly slow.. so they are prone to drop out, although a lot of fraud callers will keep up 10 conversations at one time. Their strategy is making hundreds of calls and eventually one gullible American is going to fall for the scam. One successful $5,000 fraud a week is a lot more than they could make there. These calls are NOT going to stop as long as there are internet relay services. The big relay companies make money of each call even if they're fradulent, so they have no incentive to block the service other than to stop the tide of bad press and quitting employees. It's a wonderful service for the deaf and speech disabled (TTY phone technology is a joke), but I think it's a matter of opinion as to whether or not it's worth the flood of American taxpayer dollars going down the drain to pay for fraud.
These look like typos--the third octet will get zeroed out by the netmask. Are you sure you entered them correctly?
There's a detail that some of you are missing, and, as a former operator, I feel I ought to clear it up:
What's being discussed in these articles is NOT TTY relay. IP relay is a website that theoretically works just as if it were a TTY from the point of view of the consumer.
This is good for the deaf people because they don't need a TTY every time they need to make a phone call. All they need is web access. This is bad, on the other hand, because Nigerians can use it, as well as 13 year olds who like to hear adults say 'penis'.
Hmmm, well first of all, if scammers are using Visas (stolen or not) to make purchases, then the assumption of anonymity of legit callers doing the same is a bit low.
That is to say, if somebody calls to use the TTY service without using a Visa, whatever, anonymous. If somebody calls to make a Visa purchase... his/her ID is tied to the credit card.
So the solution would really be to do some of the following:
a) Assign special ID's/passwords for those legit callers using the system, but have them required only for monentary transactions (again, in which case the Credit Card is an identifier anyhow).
b) As per with many online stores: only ship to the billing address(es) listed with the CC company.
And I can't believe no one has posted the link to the Internet Relay under discussion! Feel free to try it yourself...
I paid the going retail price for a Windows screen reader and got a free Unix computer!