Posted Friday 19th December 2008 04:03 GMT
SO this guy wants his money back because he set up a weak password for onward transfers with his DX, Hmm! let me think NO!
Although if he bought the DX from the telecom vendor he gets service from he may have a case for inadequate security support.
And anyway what would any self respecting telecom company monitor your usage for spikes, that's how they make all that obscene profit. As a shareholder in several of these companies I can say the more dumb people like this the happier I am.
Posted Friday 19th December 2008 22:48 GMT
...how the devil anyone can spend that bl00dy long on the phone!?!?!
Posted Friday 19th December 2008 22:48 GMT
... the company allowed it. Which means they allowed potential breaches of their security system and so they should cough up. $52K is nothing compared to the poor public relations and custom they'll lose if they force him to pay by dragging him through the courts.
Posted Friday 19th December 2008 22:48 GMT
This guy doesn't want his money back, he wants MTS (long distance supplier) to cover SOME of the cost for not questioning the unusual traffic for 3 weeks.
Strange that banks will decline a transaction on any grounds but a telecoms company can see a bill that normally ranges from $15-$500 per month jump to $2k a day and not bat an eyelid. If I were in that situation I may have an expectation that the service provider would have taken slightly less than 3 weeks to question the massive rise in costs.
Then again, if my company also offered Cisco Unified Coms as a 'solution' then I may just have to console myself with slapping my forehead every 20secs or so.
Posted Friday 19th December 2008 22:48 GMT
If someone broke into your house while you were on holiday and rang up a series of premium rate numbers leaving you with a massive bill - would you expect to have to pay it?
Posted Friday 19th December 2008 22:48 GMT
Someone illegally used his telephone service to make calls. He may well have had poor security but that doesn't make it his fault or even ok to do something which amounts to stealing off him. If i leave my house unlocked , taking things from it is still stealing. I assume you wouln't complain if a locksmith open your house and took all your stuff, after all it's your fault for having lax security on your front door.
Saying he has to pay this bill is the same as saying if you get your creidt card skimmed your liable for the purchases made on it. Yes someone illegally used your card, but bad luck shouldn't have been lax enough to let someone steal your details.
Posted Friday 19th December 2008 22:48 GMT
having had a contract phone for the last 14 years or so, I couldn't be arsed with all this nonsense any more.
Posted Friday 19th December 2008 22:48 GMT
52,000 Canadian - that's about 20 quid right ?
Posted Friday 19th December 2008 22:48 GMT
"And anyway what would any self respecting telecom company monitor your usage for spikes, that's how they make all that obscene profit."
They do monitor your usage. I'm a low usage business customer but have on occasion had large spikes in usage. On each occasion BT have contacted me to confirm that I am aware of the sudden high usage and that I should expect a large bill. On one occasion, because they could not contact me, they barred the phone from all but local calls until I contacted them to get the phone unbarred.
Oh, and its nothing to do with missing a bill payment as my bill is paid in full every quarter by direct debit.
Posted Friday 19th December 2008 22:48 GMT
"And anyway what would any self respecting telecom company monitor your usage for spikes"
I used to work for a telecoms company that did.
Its a really good idea to do so. Firstly if your customer disputes their bill it isnt going to be settled and paid until the dispute is resolved. Secondly if the dispute goes against the telecoms company they get screwed with the bill especially when international calls are concerned. The traffic might be "free" on their own network but there are interconnect charges to be paid once the call transfers off to someone elses.
On teh other hand a sudden unseasonal drop in call volume can indicate a number of things including the posibility that they may be transfering to another provider without telling you or that they may be about to fold and go under. Both of these are really important to know if you want to get paid
That said. The guy is a dick. Did he not think to question what option 36 was?
Posted Friday 19th December 2008 22:48 GMT
Where else do you run up a bill without any way of finding out what it is or setting a limit like "if it goes over xxx let me know". I'd sign up in a flash for a "warn me when the cost of a call goes over 5 pounds" option but this seems to be a case were giving the customer what they want isn't of any interest to the telcos.
Yes I got screwed once subletting a flat where the owners didn't have an international calling plan and we ended up paying $2/minute for calls for a couple of months until the owners bothered to forward a bill. One phonecall to switch the plan would have saved us a packet.
I see no reason why regulators shouldn't oblige them to offer free options like "text me if my monthly bill goes above twice the average" and the like.
Posted Friday 19th December 2008 22:48 GMT
I feel a bit sorry for this guy. Security issues aside, almost every telecomms billing system on the market has a "high spend" feature so it stands to reason that his provider would have known something was wrong. If they sold him this feature when he joined them, then he shouldn't have to pay...
Posted Friday 19th December 2008 22:48 GMT
He shouldn't have to pay a penny.
Even if he had no password at all, that doesn't make it OK to steal his service.
If I leave my door open and someone burgles my house, that doesn't make it LEGAL to burgle my house does it? Theives will all rot in hell anyway.
Posted Friday 19th December 2008 22:48 GMT
"Davison says he shouldn't have to pay the whole amount": At least he's willing to pay some of the cost. Wonder who set the phone system up for him?
@AC "Money back?"
Credit card comapnies call you if there's out of the ordinary purchases being made, why not phone companies? In both cases you've got credit from a provider for services, and then pay a bill later.
Posted Friday 19th December 2008 22:48 GMT
case for the rozzers, trace the inbound calls and you have a lead..
Posted Friday 19th December 2008 22:48 GMT
I cases like this, if the recipient # is known, then reverse the billing (plus a service charge). That would tend to stop this type of hacking very quickly.
Posted Friday 19th December 2008 22:48 GMT
The guy's company (from CBC News) was Hub Computer Solutions. One of the services they offer is VOIP solutions. They also offer "Security and Protection".
Great advertising -- "Yeah, VOIP is great. We use it in our office. Of course, last month we ended up getting a 50 grand telephone bill because somebody hacked it. But otherwise, it saves us lots of money."
Ya gotta wonder about some people. Paris because she knows all about getting her phone hacked...
Posted Saturday 20th December 2008 05:14 GMT
Actually, if someone broke into your house you wouldnt expect the telecomms company to pick up the call charges.
Thats why you have home insurance.
I dont think that will cover this though.
Posted Saturday 20th December 2008 15:57 GMT
Credit card companies call you because they're liable for any fraudulent use (with the usual caveats) so it's in their best interests to ensure that transactions are legitimate.
Telco's don't give a f**k if it's legit coz you're going to have to pay.
Posted Saturday 20th December 2008 19:47 GMT
When I worked for a Telco this happened to one of their customers in London
Calls that were hitting voicemail and then breaking out by dialing 9
The first time it happened after 6pm Friday until Midnight Sunday the bill was £5500
(All International calls)
After the monthly bill arrived we were called in to investigate and BT started to monitor usage
We found out the the voicemail was incorrectly programmed by the installing engineer
So for the whole month they had OVER £22K of international calls.
It's worth noting that the v/m was 8 ports and lines were ISDN 30 Channels
I'm not sure if BT let them have a discount or anything but our engineer was fired
and we think that he was the one who was exploiting the v/m and selling the info
Well he was a tw@t anyway
Can I have my coat please, it's cold in here!!
Posted Monday 22nd December 2008 11:52 GMT
Well I'm with Vodafone NZ, and I just put a $200 cap on my bill, so phone just stops any services that are chargeable (I.e. free minutes and texts still apply) when the bill reaches $200.
Has saved me from some big bills sometimes :-)
(due to our data being 10c/kb until recently this year)
More regulation in this industry is needed.
Posted Monday 22nd December 2008 23:35 GMT
I work for a company that got hit by this, and it's not necessarily about the victim being at fault for having bad security. Most people, even IT savvy ones, cannot understand telecoms systems, so they rely on specialists to set them up. In our case, that meant not being told that the function was active or that it still had the manufacturer's default password set. It was not a function that had been asked for or one that was wanted.
We found out after £15k had been run up in 48 hours. We were lucky in that as we're lawyers the telecoms company didn't argue too much about paying the bill, but not everyone has that clout.
Posted Tuesday 23rd December 2008 16:54 GMT
"Credit card companies call you because they're liable for any fraudulent use (with the usual caveats) so it's in their best interests to ensure that transactions are legitimate"
Actually it's the Merchant who accepts your card when presented either in person or in CNP transactions over the phone, who foots the bill if it's being used by an unauthorised person. The issuing company just deduct the amount of the fraudulent transaction from the monthly rebate to the merchant.
One other thing - O2 also let you get "spend alerts" on your account. I've set them up so that my Jesus phone surfing doesn't cost me the world.
Job done.
Similey face 'cause I'm off on hols from today!
Sign up, sign up for The Register's weekly IT security newsletter - click here
Back to the article
