Guy hacks company's phone system to....?

[jxfuryice]

Hello everyone! I really appreciate all the informaiton you all have give me while I have been posting and reading other forum subjects here. So just wanted to say thanks in advance.

However... I have another problem and I need you're help. Honestly I didn't know where to put my question(s)/problem(s) so I decided to just post in general chat. Since I'm new to all this pleas try and bare with me while I try to explain what is going on, and feel free to ask any questions/statements I might have missed. Okay enough babble now on to my problem....

Here's the real deal....

The company I work for (going to college) I just normally take customer service calls. Well anyhow I guess this started about 2 months ago, this arabic sounding man would call and say...
"Transfer me to the IT department". Now we all found this odd for the simple fact that IT is closed when we work (I work the 7pm-3am shift). We would ask him where it was located and he would say New York, NY. Well our main IT office is located in Dallas. We new this was odd. We tried to get a caller ID number off him however none was listed. So days went on and many people got the same phone calls some people tranfered him to the number he wanted. The orginal thought is that the man was doing this to get free long distance. However just a few nights ago some customer service reps decided to keep him on the line and try to see where he was calling from. They just told the man to hold on a second and they would transfer him. They went to another line in a manager's office and looked at the caller ID. Nothing! However they did find some interesting information. It turns out when the put the phone on speaker phone to l"listen" into the man while we was suppose to be on hold. The customer service agent told me that he would get into people's voicemails and just enter in passwords. So I figured maybed he's hacking voicemail boxes to transfer data or something. It turns out our "head of security" guy in Dallas (our corporate office) sent out an e-mail not to transfer the man and there actviely investigating it. So they claim at least. The security guy is just that. A security guard. He knows nothing about the computer aspect, let alone our IT department is small and it's a total joke. I don't know that much about security yet I know some flaws that I have already found.

So I guess in that long drawn out story, I have questions to ask.

- What is this guy doing?
- Is there a way to find out how the call stats?
- Where it orginates from?

So I figured he was hacking the phone system or a theory was he was transfering data over multiple phone lines to "jump" to each line to eventually get to an end point.

We have 4 call centers in the U.S. (only ones we got) I don't know if any other calls centers have gotten this. I belive they have but it mainly happens late at night when the phone lines are slower.

I don't know much more information then that. I just figured someone here would know what to do or a way to "find" him. Anyhow thanks in advance you all are the best!


- Jxfuryice

"Love me or hate me, but spare me you're indifference." - Himmler

[MrLinus]

No one's called the FBI? (I believe there may be certain phone laws that he could be breaking and asking the FBI to get involved might help you better).

I suppose, if you're system is digital, that it could be used to send data around but I would think it would be more likely, if he's trying to compromise voicemail, that he's either doing "industrial espionage" (trying to find trade secrets) or trying to find unused voicemail boxes so that messages can be saved/storage for others to hear/call into.

To find out where it originates would probably mean a call to your phone provider and/or your voicemail box provider.

I have to admit being a bit neophyte for this area so these are "educated" guesses I'm making. I'm also moving this to Misc Security. Seems a little more appropriate there.

[jxfuryice]

Thanks for the gusses at least

Well honestly I was thinking about going to talk to the FBI or someone. However I figured my superiors would just work on it. "Not my problem" type of attitude. However since I Have in interest in security. I figured I might be able to help.

You think I should go tell the FBI anyhow? By the way we do have digital lines. My roommates idea was that he was transfering data between each one to "cover his steps".

Again I don't know what to do, but thanks for the early reply... keep them coming!


-Jxfuryice

"Love me or hate me but, spare me you're indifference." -Himmler

[SirDice]

As MsMittens noted, talk to your phonecompany and see what they can do. Even if Caller ID didn't work, you may have more succes with Call Trace.

[jxfuryice]

Thanks again for the reply. However I'm not a IT guy, I'm not a supervisor. I'm just a customer service agent that receives the calls. I can't call the phone company on my company. I mean I would figure the "Chief of Security" would. I don't know if they have. My job is to just help customers calling in. However, I feel that I can help. I know a little about computers and like I said previously. I want to help. I want to help catch this guy.

Anyhow thanks again for the reply...... Keep them coming!



-Jxfuryice

"Love me or hate me but, spare me you're indifference." -Himmler

[zencoder]

You might consider an anonymous hint dropped to the FBI/DHS about the situation, in case your superiors aren't interested in that avenue. Please be aware this might get you in hot water with your employer if they don't want to bring the Fed's in, thus my 'anonymous' suggestion.

Also, you probably shouldn't officially contact them either, without your employers consent. It's good that you've thought this was an unusual situation and explored it further, but acting without their consent can cause you some serious grief. The term is 'vicarious liability'.

[jxfuryice]

Yes I thought about that. That's why I thought that avenue wouldn't be that good of an idea. However the "anon" suggestion really isn't anon. I have to describe where it's happening how it's happening and there going to want to interview people. Not to mention I went to the FBI's website, under "drop a hint" or something like that. It even confesses to the fact you may not remain anon.

It's the patriot act now So that's easier said then done. However what I'm mainly looking for is some way to track him so I can send an e-mail to my chief of security down in Dallas, Texas. That way he can get real time data. Furthermore that works out better b/c I would still be doing my job and if he is already talking with a law enforcement agency I'm not stepping on any toes just providing better intelligence on the operation that this person is doing.

I appreciate the reply. However I think I wrote my post poorly and I'm more or less looking of a way I can track or find out what he IS trying to do at least. It's peaked my curiousity. Somone surely knows of what he could be doing. I have been trying to research someone similar on the web, however ot no avail!

Thanks again though!

-Jxfuryice

"Love me or hate me, but spare me you're indifference." -Himmler

[kr5kernel]

Being a customer service rep, I take it you spend a lot of time ont he phone, read the book "The Art of Decpeption" by Kevin Mitnick. If you get anything good out of it perhaps you could reccommend to your supervisor different strategies you can put into place to avoid strabge situations such as above.

The book gives tons of examples of social engineering and could be of a lot of benefit to someone such as yourself, since most of the attacks are targeted at people with positions such as yourself.

[jxfuryice]

That's a good idea. Actually believe or not. I read that book once like when I was 12 or 13 somethign like that. I don't remember a thing but that's a great idea. I don't know if that will teach me how to trace it but we'll see.

Another problem here is that my supervisor is my best friend (since 8th grade we are also in the USAFR together.) Anytime I try to explain security he's like I know.. I know. I'm like (pardon here) LOOK BRO you don't freaking know, that's why I'm telling you. He's just real prideful. They are concerned with sales/customer service issues. Granted I would be to since thats our business. But I figure this could be affecting our business and I have said it once I'll say it again. This situation inrigues me. Plus I have talked to this guy on the phone and something just doesn't fit right with this guy. I can't get any answers from anyone there all just like, dont' worry about it.

I dunno I knew you guys would have good advice so that's why I posted this topic. I'll defintely have to try to dig up that book again or, just go to barnes 'n' noble, and buy another copy!

Thanks again!

-Jxfuryice


"Love me or hate me, but spare me you're indiffernce." -Himmler

[zencoder]

Sorry, should have clarified when I mentioned anonymous. I don't mean go through their official channels. I mean true anonymity, as much as you can receive it today with the Internet.

Open a freemail account some place where it is hard to get cooperation tracing source IP's. Send them an email with all details you have. Play dumb when the interviews start.

What you're doing then is giving them some clues on what they should look into, without making yourself a 'source' of information. It's hard to subpeona "john doe" and expect him to show up to testify.