Hi there. This monday they notified me of a suspicious call one of the secretaries got at the clinic.

Long story short: some guy with Mexican accent phoned in in order to tell the secretary to tell one of the Doctors that he had sent him some documentation to him via parcel delivery with certain tracking number. He also told us it was related to a patient with a certain insurance policy with a certain insurance company. So far, so good (we deal with lots of foreigner patients and we often get documents shipped from somewhere else).

Then, the guy said: "By the way, it seems Dr. Ubaldo cancelled an appointment we had with him. Can you phone him to check?"

Mind you, "Dr. Ubaldo" is an external agent the clinic works with sometimes, but it is not part of the staff. So the secretary told him "We don't have his number."

Then Mr. Mexican gave her a phone number with a Mexican international prefix. At that point the secretary was a bit suspicious. She noted it down and told Mr. Mexican she would check later (she later said her idea was asking the boss if he knew what the fuck all that was about before phoning anywhere).

Mr. Mexican said "It'd be better if you called now."

"I can't call from this call center" (lie)

"Don't you have a mobile phone or something?"

"Yes, but I am not going to use my personal cell phone for an international job call."

And then Mr. Mexican hung up.

So research afterwards reveals the patient and the insurance policy does not exist and the whole thing seems to have just been a trick to lure the secretary into phoning that particular phone number.

Does anybody have the slightiest idea of what the goal was? My theory is that it was a recognizansse job to harvest data for future attacks.



--
gopher://gopher.richardfalken.com/1/richardfalken
--- SBBSecho 3.20-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)

Does anybody have the slightiest idea of what the goal was? My theory is that it was a recognizansse job to harvest data for future attacks.

Could be. There used to be some funny scam here in the states where they'd
get you to call a number and then somehow make money from you simply calling that number. I never understood how that worked, since they wouldn't have
your account info, unless they were making the money via your phone bill,
with the phone company being the middle man in the transaction.

I just recently had someone falsely attempt to obtain a credit card in my
name. The card company contacted me to make sure I applied for it. I said
I had not so they cancelled it. The odd thing is that the bad card came here instead of going to the fraudster.

I pulled a copy of a credit report and can see that the application
apparently had my home address on it. The difference is the phone number
is not mine and is from outside of my area. I suspect they are trying to
get that phone number linked to my public record so that, in future, they
can use it to gain access to other information.

Mike


* SLMR 2.1a * Innocent critters *squashed* on the highway of life!
--- SBBSecho 3.20-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (618:250/1)

To: Arelor
Re: The weird scam call
By: Arelor to All on Wed Jul 17 2024 04:22 am

So research afterwards reveals the patient and the insurance policy does not exist and the whole thing seems to have just been a trick to lure the secretary into phoning that particular phone number.

Does anybody have the slightiest idea of what the goal was? My theory is that it was a recognizansse job to harvest data for future attacks.

it could have been part of a bigger scam to make it seem more credible to another person. or once she did that one step, then later on he would have her do another.

you have no way of knowing.
that's good that your office did not send out any information or do what
was asked.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (618:250/1)

To: Mike Powell
Re: The weird scam call
By: Mike Powell to ARELOR on Wed Jul 17 2024 10:49 am

From Newsgroup: micronet.chat.general

Does anybody have the slightiest idea of what the goal was? My theory is that it was a recognizansse job to harvest data for future attacks.

Could be. There used to be some funny scam here in the states where they'd get you to call a number and then somehow make money from you simply calling that number. I never understood how that worked, since they wouldn't have your account info, unless they were making the money via your phone bill, with the phone company being the middle man in the transaction.

I just recently had someone falsely attempt to obtain a credit card in my name. The card company contacted me to make sure I applied for it. I said I had not so they cancelled it. The odd thing is that the bad card came here instead of going to the fraudster.

I pulled a copy of a credit report and can see that the application apparently had my home address on it. The difference is the phone number
is not mine and is from outside of my area. I suspect they are trying to get that phone number linked to my public record so that, in future, they can use it to gain access to other information.

also with AI, people can get voice recordings to work with and then use them to exploit people later one.
who knows what could happened.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (618:250/1)

Hello Arelor!

** On Wednesday 17.07.24 - 04:22, Arelor wrote to All:

So research afterwards reveals the patient and the
insurance policy does not exist and the whole thing seems
to have just been a trick to lure the secretary into
phoning that particular phone number.

Does anybody have the slightiest idea of what the goal was?
My theory is that it was a recognizansse job to harvest
data for future attacks.

You said it. It was designed to lure you to call the number
the scammer wants you to call. From there, they might have
tried to convince the gullible to send money or get user
credentials or something.




--
../|ug

--- OpenXP 5.0.58
* Origin: The LOOK of MicroNET https://kolico.ca/ftn/micronet (618:250/1.9)

Hello Mike Powell!

** On Wednesday 17.07.24 - 10:49, Mike Powell wrote to ARELOR:

Does anybody have the slightiest idea of what the goal was?
My theory is that it was a recognizansse job to harvest
data for future attacks.

Could be. There used to be some funny scam here in the
states where they'd get you to call a number and then
somehow make money from you simply calling that number. I
never understood how that worked, since they wouldn't have
your account info, unless they were making the money via
your phone bill, with the phone company being the middle
man in the transaction.

It was quite a common trick in Canada too. There were the 900-
numbers too. Some people may have not realized that calling a
900-number would incur charges with the maximum of it going to
the owner of the 900-number.

I just recently had someone falsely attempt to obtain a
credit card in my name. The card company contacted me to
make sure I applied for it. I said I had not so they
cancelled it. The odd thing is that the bad card came
here instead of going to the fraudster.

Yeah.. I don't understand how the fraudster thinks they can
pull that one off unless they intercept your mail to get the
card that the credit card company sends you?

I pulled a copy of a credit report and can see that the
application apparently had my home address on it. The
difference is the phone number is not mine and is from
outside of my area. I suspect they are trying to get that
phone number linked to my public record so that, in
future, they can use it to gain access to other
information.

Maybe they think they can convince the credit card company that
they never received your card and offer a different address
claiming that you have moved?

--
../|ug

--- OpenXP 5.0.58
* Origin: The LOOK of MicroNET https://kolico.ca/ftn/micronet (618:250/1.9)

I pulled a copy of a credit report and can see that the
application apparently had my home address on it. The
difference is the phone number is not mine and is from
outside of my area. I suspect they are trying to get that
phone number linked to my public record so that, in
future, they can use it to gain access to other
information.

Maybe they think they can convince the credit card company that
they never received your card and offer a different address
claiming that you have moved?

I don't think it is just the card, though. They may not even care about
the card. Lots of fraud rings are into the long game now. So they have someone's personal info. They will do something like apply for a credit
card but change one bit of info... in this case, the phone number. Once
that phone number gets proliferated into the public record as attached to
that stolen identity, they now have control of one of the keys that places
ask for to allow account access.

Every call I made yesterday while tracking this down, they would ask me to verify a phone number (which, having worked in the industry, I know they
are likely bouncing off a list compiled by a data warehouse like Lexis
Nexis). If I give them a phone number that is linked to me, they then
texted me my access code to continue the call or web interaction.

Some of the calls I made were to have that phone number removed from my
credit report as it had alreday proliferated there.

Once that phone number proliferates, a fraudster can use that number to
receive access codes and then change all sorts of information to take over
the identity. Because the phone number doesn't belong to the real person,
they won't likely know what is going on until it is too late.

Until this time last year, I worked with an anti-fraud team. Your amateur
and part-time fraudsters are still about getting a credit card and spending
as much money as quickly as they can before they are detected. Big time
fraud rings have moved onto the long game as assuming identities is where the money really is.

Mike

* SLMR 2.1a * "Now who's laughing?! Now who's laughing?!" - Pagans
--- SBBSecho 3.20-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (618:250/1)

also with AI, people can get voice recordings to work with and then use them to
exploit people later one.
who knows what could happened.

Scammers and fraudsters are definately going high tech.

Mike

* SLMR 2.1a * May The Force be with you...
--- SBBSecho 3.20-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (618:250/1)

Mike Powell wrote to ARELOR <=-

Could be. There used to be some funny scam here in the states where they'd get you to call a number and then somehow make money from you simply calling that number. I never understood how that worked, since they wouldn't have your account info, unless they were making the money via your phone bill, with the phone company being the middle man in the transaction.

Some international numbers will do a reverse charge scam and charge you $40 for a 10-second call. Old-fashioned now in the US but internationally it might still work.

-- Sean

... Ghosts like to ride in elevators because it lifts their spirits.
--- MultiMail/Win v0.52
* Origin: Outpost BBS * Johnson City, TN (618:618/1)

Re: The weird scam call
By: Mike Powell to ARELOR on Wed Jul 17 2024 10:49 am

Could be. There used to be some funny scam here in the states where they'd get you to call a number and then somehow make money from you simply calling that number. I never understood how that worked, since they wouldn't have your account info, unless they were making the money via your phone bill, with the phone company being the middle man in the transaction.

I asked some people around here and it seems there are subscription services that are activated via phone. Stuff like "Phone +99 999 99 99 99 and you will get an SMS with the most important headlines every week." They charge you via phone bill. I think it is a plausible theory.

Still, I think it was a bit too targetted of a call to be about such a petty scam.


--
gopher://gopher.richardfalken.com/1/richardfalken
--- SBBSecho 3.20-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)

Re: The weird scam call
By: August Abolins to Arelor on Wed Jul 17 2024 09:35 pm

You said it. It was designed to lure you to call the number
the scammer wants you to call. From there, they might have
tried to convince the gullible to send money or get user
credentials or something.

I don't think that secretary has access to any money, other than her own :-P
--
gopher://gopher.richardfalken.com/1/richardfalken
--- SBBSecho 3.20-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)

To: Arelor
Re: The weird scam call
By: Arelor to Mike Powell on Sun Jul 21 2024 04:28 pm

I asked some people around here and it seems there are subscription services that are activated via phone. Stuff like "Phone +99 999 99 99 99 and you will get an SMS with the most important headlines every week." They charge you via phone bill. I think it is a plausible theory.

Still, I think it was a bit too targetted of a call to be about such a petty scam.

is that even possible for a 3rd party to charge on a cellphone bill?

i dont think that's possible nowadays.
they used to do that on land line phones. I would just say take that stuff off my bill.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (618:250/1)

Re: The weird scam call
By: Jas Hud to Arelor on Sun Jul 21 2024 05:25 pm

is that even possible for a 3rd party to charge on a cellphone bill?

i dont think that's possible nowadays.
they used to do that on land line phones. I would just say take that stuff off my bill.

I suspect it is possible, but ISPs in Spain are very paranoid so if anybody reports a fraudulent charge they will likely put the charging agency in a blacklist.


--
gopher://gopher.richardfalken.com/1/richardfalken
--- SBBSecho 3.20-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)

Jas Hud wrote to Arelor <=-

is that even possible for a 3rd party to charge on a cellphone bill?

Yes as the billing is still handles in the same way it was back in the day. 900 numbers and area code scams are
less common but they're still around, especially overseas where landlines are still very much alive and well.

-- Sean

... If you can't see the bright side, polish the dull side.
--- MultiMail/Win v0.52
* Origin: Outpost BBS * Johnson City, TN (618:618/1)

To: Digimaus
Re: Re: The weird scam call
By: Digimaus to Jas Hud on Fri Jul 26 2024 04:50 pm

From Newsgroup: micronet.chat.general

Jas Hud wrote to Arelor <=-

is that even possible for a 3rd party to charge on a cellphone bill?

Yes as the billing is still handles in the same way it was back in the day. 900 numbers and area code scams are
less common but they're still around, especially overseas where landlines are still very much alive and well.

is it really handled the same way though? i'm pretty sure if i called one of those numbers my carrier would just reject it.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (618:250/1)

Jas Hud wrote to Digimaus <=-

is it really handled the same way though? i'm pretty sure if i called
one of those numbers my carrier would just reject it.

I've been told by people I trust who work in the telco business it
still works the same but I have no personal experience.

-- Sean

... "There are people who have money and people who are rich. - C. Chanel
--- MultiMail/Win v0.52
* Origin: Outpost BBS * Johnson City, TN (618:618/1)