ADSL Scam Operators.

ProAsm

ProAsm

Expert Member
Joined
Aug 31, 2003
Messages
2,191
Reaction score
106
Location
Hilton
I just want to set things straight before someone has a side crack at me regarding the following post.
ADSL is my 1st choice of connection with wireless just being a usefull addition.

There is a serious ADSL scam that is currently rife in SA and needs attention.
It started as a combination of firstly Telkom allowing 4 logon connections for every account and accelerated with the ISP frenzy which we have all witnessed recently.

How it works.
Inhouse spies at the source will sell several 100 ADSL Username and Passwords to someone in a city for several R100 a lot.
These city someone's will inturn sell to "clients" that get username and passwords from them for around R50 and will be guarenteed of always having a username/password even if cap is reached as the "client" will just be "sold" another set.
These "clients" are normally the ones with a HomeDSL192 line account, but buy 384 or mainly 512 accounts for their 50 bucks.
This generates a fair monthly income for these scam operators, and with the ADSL accounts sitting at 40000 and climbing it can become a very profitable business.
Provided of course these "clients" dont pinch too much of your bandwidth, the scam can operate quite successfully without you as the account holder noticing.
Its just ever so often that these "clients" get greedy and hit your cap for you that you notice and makes you sit up and take notice.
Those of use that have different ISP's, when complaining to them they say its on the other side of them and there is not much they can do about it.
The ADSL stats logon information seems to not reflect these other users being logged on either as several tests were conducted in this regard.
The only way to test this is to switch your ADSL modem off for several days then check the user stats.
Checking the logon stats you will often notice the following:


WARNING
A Database Error Occured. Please contact the Site Administrator
Select [Back Button] on Browser to Correct and Submit again.

The only way to stop this is for Telkom to drop this 4 logons per client, the same as Sentech did with their connections as a similar scam was on the go at the time.
With the ADSL crunch coming in November, there is going to be many tears shed as people hit their cap within the first week and they have hardly even been on :(
 
Ok, this seems a very odd way to try fix the problem. If you limit the number of connections the chance of the valid user not being able to get on is just as high as the villain.

Secondly, you say the usage tracker does not reflect the logins and you have done tests to verify this. I find this interesting as in order to test this you would have to yourself be able to "login" without it showing. Care to explain how this is done?

I do agree that something needs to be done, as account theft seems to be quite common, but I don't agree with the methods you propose, it does not fix the problem and simply degrades the service. I have 3 machines which use pppoe to connect to the internet. I don’t like internet sharing software and I don’t have a router type modem, your solution would not work for me.
 
I have also seen this, as I'm sure other people (especially in the gaming community)...

A specific incident I recall is a friend checked his band width at the start of the weekend (Still had plenty left, like over 2Gb), then he hit cap 2 or 3 days afterwards.

We calculated that he had to be downloading the whole time at a ridiculous speed of something like 80kb/s the whole time in order to have reached cap.

This was about a year ago, so I can't remeber the figures, but it came down to him not being to download the amount of data at maximum speed even if he tried.
 
If you limit the number of connections the chance of the valid user not being able to get on is just as high as the villain.
Click to expand...
The whole idea is for the valid user not to be able to get on.
In that way he can contact the authorities to do a trace and knock the villian off.
Currently he does not even know hes being "hacked".
Thats how were traced what was going on at Sentech, while people keep quite, the situation gets worse.
Secondly, you say the usage tracker does not reflect the logins and you have done tests to verify this. I find this interesting as in order to test this you would have to yourself be able to "login" without it showing. Care to explain how this is done?
Click to expand...
Simple, I gave my Username and Password to a friend and we were on together for 4 days and not once was he reflected although the amount of extra data was reflected.
At the end it still only showed me being on for 86400 Seconds each day where that should have been at least double.
but I don't agree with the methods you propose, it does not fix the problem and simply degrades the service.
Click to expand...
Got any better idea's ?
 
ProAsm said:
The only way to test this is to switch your ADSL modem off for several days then check the user stats.
Checking the logon stats you will often notice the following:


WARNING
A Database Error Occured. Please contact the Site Administrator
Select [Back Button] on Browser to Correct and Submit again.
Click to expand...

Are you saying that if you see that error then your account's been scammed? As far as I know EVERYONE is getting that error at the moment... :confused:
 
The better idea. Fix what is broken. If the radius server does not log the extra connections then why not just fix it so it does. While you at it you may as well add in add in ALL the details the radius server has about the connection to the stats pages. This would make it easier for people to see if the account has been used from another location.

With correct logging taking place the ISP could simply check for DSLAM ports that connected using lots of different accounts, a simple phone call to the owner of the account would verify if the usage was valid. If the usage was not valid the ISP could just block all future logins from that port for the account.

Punish the scammers, not the customers.

If all the details were available on the stats pages, then the program ant1b0dy made would easily be able to alert people to funny details appearing and that its now time to change passwords.
 
Last edited:
The current error I think everyone is getting but the same thing pops up on occasions as well.
Changing your password is one idea but you would have to do it on a regular basis.
I think Telkom should give the user an option whether he wants to allow 4 connections or not.
 
Ask your ISP to set the max number of concurrent sessions to 1, that way if you are connected no one else can connect while your router is on 24/7 connected :) Ofcause this causes another problem, if the router freezes/locks up or you do a hard restart or pull cable out etc you will need to contact the ISP in question and ask them to drop the current connection/session or else you will not be able to connect/get a PPPoE error 691 username pwd incorrect.
 
Sadly the big problem with all this is not going to be a technical one; the problem will be Telkom and their lack of competence. I do not see much joy arising from trying to get Telkom to fix their servers.

For the alternate ISP's which have their own radius servers for authentication I suspect you will find account theft is minimal or non-existent since the login details will not be open for perusal by enterprising Telkom staff - at least I hope not.

Allowing people to define how many connections they will be using is a good step, and quite easy too I would imagine.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X