Feeds

Pizza fraudsters get a slice of the action

Telephone redirect ruse hits California

SANS - Survey on application security programs

US fraudsters were able to pose as a pizza outlet after a credulous AT&T service rep redirected calls from cooks to crooks.

Con-men claiming that the phone at pizza outlets was malfunctioning persuaded the rep to set in place a call forwarding request to a number of their choosing. AT&T failed to make any checks.

As a result, orders for pizzas were fielded by fraudsters, who predictably insisted advanced payments needed to be made by credit card. Payment details were subsequently used to make fraudulent internet purchases under the name of unsuspecting pizza customers.

The beauty of this simple ruse is the potential marks would have no reason to be suspicious. After all, they initiated the orders.

News of the ruse came after an internal memo fell into the hands of reporters from the San Francisco Chronicle. John Britton, an AT&T spokesman, confirmed the authenticity of the memo.

Two incidents of the scam have been reported in southern California, but it's unclear if the ruse has been replicated elsewhere. The incidents that AT&T knows about only emerged after complaints from pizza parlours that their phones had gone dead.

"If someone doesn't call us, we wouldn't know about it," Britton told the San Francisco Chronicle. "After learning of this, we immediately took action to warn employees to be extra cautious when dealing with any requests for call forwarding."

Nobody has been arrested over the scam and it's unclear how much money has been defrauded.

Meanwhile, AT&T is not saying what new security measures it has instituted to frustrate the con, beyond saying it has warned other operators and that subsequent attempts to pull off the con have failed. "We had some guidelines in place that we believe were effective," Britton said. "Now we have extra precautions." ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.