Slashdot Mirror
Sprint Cracks Down on TTY Relay Abuses
An anonymous reader writes "Sprint thinks it has found a way to keep West African scam artists from using Sprint's deaf-relay service to defraud people." Our previous two stories have background information.
But one former MCI relay operator said blocking internet addresses will only be a temporary obstacle for abusers of the Internet-relay system. That's because the scam artists can continuously find alternative Internet-protocol addresses...
I think every popular web-based service dealt with this issue years ago, including Slashdot. I guess nobody involved in setting up the TTY relay services ever ran a message board?
"Obviously it's had the effect of cutting down these calls, but they're going to find new hosts and call back anyway... It's always going to be a cat-and-mouse game."
Or to put it in the Slash vernacular, a troll-and-moderator game.
Grodevant would prefer a system in which legitimate users register in advance to gain access to the system.
Again, Slashdot provides an example of a solution. Sometimes, you need to be anonymous. But creeps and crooks are among those who prefer anonymity. So you simply flag the calls: "You have a call from a registered TTY user" vs. "You have a call from an Anonymous Coward".
I can see why the telcos didn't put these protections in place from the beginning, though... preying on the disabled is about as low as you can get. The companies simply didn't realize that these bastards have to look up to even see "as low as you can get".
Stressed? Me? Of course not. Stress is what a rubber band feels before it breaks, silly.
===
Sprint spokesman Steve Lunceford, would not detail how Sprint is trying to block the calls other than to say the company is looking at problematic Internet-protocol addresses and finding ways to block them before calls go through to operators.
So far, the effort appears successful. The volume of Internet-relay calls has returned to the level it was in early January, before massive abuse of the system began, Lunceford said.
===
This is only a temporary fix. If they're blocking specific IP addresses, then the scammers will start using proxies. I suppose they could also start blocking anything from a proxy server, but there might be legitimate deaf people using Anonymizer or similar service that would no longer be able to get through.
Is it possible to tell whether a particular HTTP request is coming from a proxy server, without knowing the IP address? Perhaps there is a descriptor in the packet somewhere that says it is going to be forwarded beyond the "apparent" destination?
Homestarrunner.net -- It's Dot Com!
I guess we will just have the Nigerian fraud to keep us company. Glad that one will never go away. Ive almost come to enjoy seeing emails with it in the message. sigh...
Party at O'zorgnax's Pub! Buy me a Slurmtini aye?
I hope we'll be seeing a reduction in scenarios like the Midwestern couple who owns a jewelry store:
Wife: Honey, the deaf Nigerian man is on the phone and he wants another $10,000 worth of raw diamonds. He wants to put the order on five different credit cards.
Husband: Hot-diggidy! Another vacation in Malibu!
You are in error. No-one is screaming. Thank you for your cooperation.
Sprint thinks it has found a way to keep West African scam artists from using Sprint's deaf-relay service to defraud people
Uh yeah simple...
You don't allow anyone from West Africa to purchase $30,000 or more worth of laptops from the US!
Duh.
It's a cut-and-paste of a comment from a previous story
There's more fun things to do with a TTY operator than just 419 scams.
Phone sex with a TTY operator relaying the action... ho, boy. I just hope that the operator in the middle's an uber-prim-and-proper woman who blushes like mad at the whole thing.
Striking fear in the authors of godawful fanfiction, I am here, appearing in darkness, Tuxedo Jack!
These TTY scams take up a ton of time for the person who answers the phone. We get about ten TTY scam calls per week, and about 1 legit deaf call per month. That adds up to a lot of wasted time.
As a South African, let me assure you we are annoyed by West African/Nigerian just as much as anywhere in the world. Arguably Xenophobia (against Nigerians) is today a larger problem todya then racism was for us in the past.
So for an effective short term solution change these rules so that any operator who believes that it's a scam can (after some procedures have been followed) terminate the call.
I'm all for alternative solutions too, but this will make some headway into solving the issue. After the scammers know that you'll terminate the call as soon as it becomes evident then they'll look elsewhere.
Avantslash - View Slashdot cleanly on your mobile phone.
Whenever I make a telephone call, for whatever purpose, it is associated with my telephone number. Thus, I am accountable for the use of my communications equipment.
Why should it be different for people using TTY services? Provisions for anonymity only allow people to abuse the telephone system.
Wonderful scam on scammers: check this out - Ha ha ha ha . Some guy out there is a genius, funniest site in years.
You (and a lot of people) are missing a key fact: the relay service is ALSO legitimately used by hearing people to call deaf people. You can't just require everyone who uses the service to "prove you're deaf", or whatever.
In the past, anyone who needed to use the tty system had to own a piece of hardware to communicate to the relay, however, now with internet based relay calls, they only need to access a computer hooked up to the net.
I think the requirement for specialized hardware is the key to ending the abuse of the system. My idea would be to use a device, where the relay gives you code, and then you input it into the device, and it spits out a response. This would still keep the calls anonymous, but, would add a level of security to stop the scammers.
Unlikely as it is, they have to pay with their own money... not stolen credit cards!
Our little site gets these Nigerians attempting to purchase with stolen credit cards. It's pretty easy to spot, as we've never has a legitimate order to Nigeria... but it's an annoyance.
Eventually, I ended up logging their IP numbers and now I just drop any packet that appears to have originated in Nigeria. Worked pretty well so far... might have to imclude open proxies if they start using them. For anyone else faced with the same problem, here's a little list:
PJRC: Electronic Projects, 8051 Microcontroller Tools
I worked for one of the internet relay companies for a year and a half. The nature of the service really prevents a lot of options that seem common sense to techies unfamiliar with the ADA (Americans with Disabilities Act). The internet service needs to emulate the anonymous call setup - no logins, IDs, etc., unless you want to profile yourself or use spell dialing. Registration isn't allowed. The services can (but often don't) block IP ranges, but I think we all know how easy that is to get around. Using a proxy with a dial up connection from Africa makes the service incredibly slow.. so they are prone to drop out, although a lot of fraud callers will keep up 10 conversations at one time. Their strategy is making hundreds of calls and eventually one gullible American is going to fall for the scam. One successful $5,000 fraud a week is a lot more than they could make there. These calls are NOT going to stop as long as there are internet relay services. The big relay companies make money of each call even if they're fradulent, so they have no incentive to block the service other than to stop the tide of bad press and quitting employees. It's a wonderful service for the deaf and speech disabled (TTY phone technology is a joke), but I think it's a matter of opinion as to whether or not it's worth the flood of American taxpayer dollars going down the drain to pay for fraud.