
Dvorak and the $30,000 BBS scam

Dave Farquhar

John C Dvorak mentioned an old scam in his PC Mag column this week. I think he's mis-remembering, but want to run it past some other people who were around in the BBS era. Here's the money quote:

I'm immediately reminded of the online scams that took place during the modem era of communications. You'd be given a number to call, and it would actually be some sort of scam. The local number would connect to a BBS of some sort which would send a code back to the modem to turn off the speaker, so you couldn't hear the modem disconnect and then redial a number in Bulgaria or some obscure island. You'd then be connected to a phone service that charged $100/minute for the connection. After racking up thousands and thousands of dollars in phone costs, you'd get the bill from your phone company for $30,000.

Breaking this down, the best case scenario I can come up with is the following. The BBS would have to be running a non-Hayes compatible modem.

1. BBS sends +++ to send the caller's modem into command mode
2. BBS sends AT L0 M0 to turn off the speaker
3. BBS sends AT H to hang up the phone
4. BBS sends ATDT (phone number) to make your modem call Bulgaria

The problem is that step 3 precludes step 4. And I actually did some experiments in the 1980s, calling a friend's modem with a non-Hayes modem, to see if it would be possible to kick his modem into command mode remotely. He was running a BBS and wanted to see if that was possible. I wasn't able to do it. (His concern was a torqued-off user sending AT commands to mess with his modem configuration and knock him offline.)

But maybe Dvorak knows something I don't. I know there are people here who know lots of things I don't. So.... Was this scenario that he's describing possible?
 
...Was this scenario that he's describing possible?

This was done by "dialer" malware later, but typically had a resident stub that also waited until very early morning hours (when the computer was left on all night with no one around) to make the call in addition to turning the modem speaker off. I haven't seen anything that did this before Windows 95, but I guess anything is possible if you download unknown code that is able to execute later. For his different example it doesn't sound correct.

It would also have to be a time after the 976 numbers and mechanism were established (unless the crooks could get their hands on the money otherwise, because that is the motivation, not running up your phone bill). Dialer programs commonly called Caribbean countries, where the phone numbers didn't have international prefixes, and could be mistaken for something within the United States. Any pay-per-call number set up offshore tied the hands of what your local telco could do about it anyway.
 
One reason the original scheme described won't work is that the AT command strings must come from the local host--not the remote connection. A "helper" application is needed from the host side. Once one is present, well, the sky's the limit.
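
The point made in the post above, as an added example that is not part of the original thread: a toy Python model of a connected Hayes-style modem, showing that the four-step script from the first post has no effect when it arrives from the remote end but runs in full when local software writes it to the serial port. The class and function names, the 1-second guard time and the phone number are assumptions made for illustration.

```python
GUARD = 1.0  # assumed guard time in seconds around "+++" (illustrative value)

class ToyModem:
    """Toy model of a connected Hayes-style modem (all names are hypothetical)."""
    def __init__(self):
        self.mode = "online"      # "online" = passing data, "command" = parsing AT
        self.speaker = True
        self.off_hook = True
        self.executed = []        # AT commands the modem actually acted on
        self._last_dte = float("-inf")
        self._escape_at = None    # time a guarded "+++" arrived from the host

    def from_line(self, data, now):
        """Bytes from the remote modem: handed to the local host as plain data."""
        return data               # never scanned for "+++" or "AT"

    def from_dte(self, data, now):
        """Bytes the local host writes to the serial port at time `now`."""
        self._settle(now)
        if self.mode == "command":
            for line in data.upper().split("\r"):
                if line.startswith("AT"):
                    self._execute(line)
        else:
            quiet_before = now - self._last_dte >= GUARD
            self._escape_at = now if (data == "+++" and quiet_before) else None
        self._last_dte = now

    def _settle(self, now):
        # The escape completes only if the host stayed silent for GUARD after "+++".
        if self._escape_at is not None and now - self._escape_at >= GUARD:
            self.mode = "command"
        self._escape_at = None

    def _execute(self, line):
        self.executed.append(line)
        if "M0" in line:              # speaker off
            self.speaker = False
        if line.startswith("ATH"):    # hang up
            self.off_hook = False

def replay(source):
    """Feed the thread's four-step script from 'remote' or 'local'; return the modem."""
    modem, t = ToyModem(), 10.0
    script = ["+++", "ATL0M0\r", "ATH\r", "ATDT5550100\r"]  # constructed number
    for chunk in script:
        (modem.from_line if source == "remote" else modem.from_dte)(chunk, t)
        t += 2.0                  # gaps longer than GUARD between chunks
    return modem
```

`replay("remote")` leaves the modem online with nothing executed, while `replay("local")` ends in command mode with all three AT commands run, which is the "helper application" case.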
 
I thought the AT commands had to come from the local machine, so thanks for that confirmation. So, basically the only way this could happen was if a user downloaded some kind of trojan horse. Not like the scenario he's describing, where a guy sees a message on a BBS about this new BBS, tries to call, gets redirected, and fraud ensues.

Dvorak was actively writing and BBSing in the 1980s and 1990s, so I would have expected better from him.
 
I had one of the Win95-era things happen (dialer running in the background). Not really the same thing, but did get us something like $30 extra on the next phone bill. Phone company removed the charge when we explained.

I was a dumb kid at the time, of course.
 
I thought the AT commands had to come from the local machine, so thanks for that confirmation. So, basically the only way this could happen was if a user downloaded some kind of trojan horse. Not like the scenario he's describing, where a guy sees a message on a BBS about this new BBS, tries to call, gets redirected, and fraud ensues.

Dvorak was actively writing and BBSing in the 1980s and 1990s, so I would have expected better from him.

(Little secret) John didn't actually write most of his "guides"--he reviewed them but used others for the actual text and editing. Which is pretty much par for the course. I did some editing on a couple of them; it paid well for very little work (about $2K per book for not that many hours of reading). Print acknowledgement was entirely up to the "author"; some refused, some thought it was a good idea.

This is not meant to lessen John's contribution to the field; it's just the way things are done.
 