[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri Mar 10 16:01:20 2006
From: steven at lovebug.org (Steven)
Subject: War Dialing,
Spoofed(?) Phone Number [area code 786], and calls across the US
I am familiar with how trivial it is to spoof (especially now a day), but
that wasn't exactly the point. This activity is far from being limited to a
few area codes or people -- it's literally thousands of people. I'd imagine
people on this list have probably even received the calls or will soon. It
is just so strange and I am wondering what the root cause for it is.
----- Original Message -----
From: "Michael Holstein" <michael.holstein@...ohio.edu>
To: "Steven" <steven@...ebug.org>
Cc: <full-disclosure@...ts.grok.org.uk>
Sent: Friday, March 10, 2006 9:29 AM
Subject: Re: [Full-disclosure] War Dialing, Spoofed(?) Phone Number [area
code 786], and calls across the US
> Caller-ID spoofing is trivial if you've got a digital (eg: T-1) line where
> you can send your own call signaling. It's also made much easier by
> several (mis)configured VoIP services -- if you have access to the SIP
> gateway of one, and run something like Asterisk, you can send any number
> you want along with your call.
>
> Caller-ID is like the return address on an envelope. Totally unimportant
> for call delivery, and you can write anything you want there.
>
> ~Mike.
>
> Steven wrote:
>> I debated about posting this to FD but it seems about as good of a place
>> as any to ask about this and perhaps someone can fill in the blanks. I
>> got a call the other from the number 786-718-9058 and when I answered, it
>> was a message in Spanish which I couldn't really hear and didn't
>> understand. That was the end of it. Well then it called again 5 days
>> later and got my voicemail and left the same message it had the other day
>> when I answered the phone. The message says the following:
>>
>> "Usted a agotado todas las opciones. Esta semana sera desconectada.
>> Gracias".
>>
>> Which apparently translates to:
>>
>> "You've terminated all the options. You'll be disconnected this weekend.
>> Thanks"
>>
>> Now I tried to call the number back only to find that it has been
>> disconnected or so my cell provider says. At this point I took to the
>> Internet and got your standard reverse search of:
>>
>> *The phone number "(786) 718-9058" is based in **Miami**, **FL** and the
>> registered carrier is Commpartners, Llc - Fl.*
>>
>>
>> I then Googled the phone number to find out that this thing has been
>> calling all across the US. Various people have reported that this number
>> asks them to press one, or is some sort of other scam. This has lead me
>> to think the number is spoofed and is perhaps someone's attack on a
>> person's legitimate cell phone number. However, the calls have
>> apparently been going on for months, back to a time when you could call
>> the number back and get a voicemail belonging to someone named John. I
>> am wondering if perhaps a VoIP box somewhere or something to this affect
>> has been infected and is doing this. I am wondering if any of you have
>> any insight on this or have any idea.
>>
>> Here is a page with some more info and testimonials from hundreds of
>> other people across the country getting these calls:
>>
>> http://blogcritics.org/archives/2005/08/26/153054.php
>>
>> There does not appear to be any link between areas, phone providers, or
>> even phone numbers. A few people have said that their phone number is
>> one off from their family member's and they have not received a call.
>> Other's have the same thing and report that their family member got the
>> same call a few moments later. No idea what's up with this.
>>
>> Anyway -- if anyone knows or wants to find out and succeeds - please let
>> me know what's up.
>>
>> Thanks
>>
>> Steven
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
Powered by blists - more mailing lists