| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <44118D5C.5070307@csuohio.edu> Date: Fri Mar 10 14:30:27 2006 From: michael.holstein at csuohio.edu (Michael Holstein) Subject: War Dialing, Spoofed(?) Phone Number [area code 786], and calls across the US Caller-ID spoofing is trivial if you've got a digital (eg: T-1) line where you can send your own call signaling. It's also made much easier by several (mis)configured VoIP services -- if you have access to the SIP gateway of one, and run something like Asterisk, you can send any number you want along with your call. Caller-ID is like the return address on an envelope. Totally unimportant for call delivery, and you can write anything you want there. ~Mike. Steven wrote: > I debated about posting this to FD but it seems about as good of a place > as any to ask about this and perhaps someone can fill in the blanks. I > got a call the other from the number 786-718-9058 and when I answered, > it was a message in Spanish which I couldn't really hear and didn't > understand. That was the end of it. Well then it called again 5 days > later and got my voicemail and left the same message it had the other > day when I answered the phone. The message says the following: > > "Usted a agotado todas las opciones. Esta semana sera desconectada. > Gracias". > > > > Which apparently translates to: > > "You've terminated all the options. You'll be disconnected this weekend. > Thanks" > > > > Now I tried to call the number back only to find that it has been > disconnected or so my cell provider says. At this point I took to the > Internet and got your standard reverse search of: > > *The phone number "(786) 718-9058" is based in **Miami**, **FL** and the > registered carrier is Commpartners, Llc - Fl.* > > > I then Googled the phone number to find out that this thing has been > calling all across the US. Various people have reported that this > number asks them to press one, or is some sort of other scam. This has > lead me to think the number is spoofed and is perhaps someone's attack > on a person's legitimate cell phone number. However, the calls have > apparently been going on for months, back to a time when you could call > the number back and get a voicemail belonging to someone named John. I > am wondering if perhaps a VoIP box somewhere or something to this affect > has been infected and is doing this. I am wondering if any of you have > any insight on this or have any idea. > > Here is a page with some more info and testimonials from hundreds of > other people across the country getting these calls: > > http://blogcritics.org/archives/2005/08/26/153054.php > > > > There does not appear to be any link between areas, phone providers, or > even phone numbers. A few people have said that their phone number is > one off from their family member's and they have not received a call. > Other's have the same thing and report that their family member got the > same call a few moments later. No idea what's up with this. > > > > Anyway -- if anyone knows or wants to find out and succeeds - please let > me know what's up. > > > > Thanks > > > > Steven > > > ------------------------------------------------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists