A pounds 54,000 telephone bill? You've been phreaked!

Telephone hackers, or 'phreakers', have learnt to break into voice- mail systems and can run up huge bills at others' expense. Charles Arthur meets rogue, victim and sleuth

To anyone who spends a lot of their day on the telephone, voice- mail often seems like the curse of modern life. Everyone knows that sinking feeling when you are desperately trying to contact somebody and instead get an artificial voice saying, "To leave a message, press 1. For other options, press 2. To transfer to an operator, press 0." Americans call this phenomenon "voice-mail jail".

Voice-mail in the UK is one of the great success stories of the Nineties. Sales grew 65 per cent in 1994 to reach pounds 61.5m; market estimates suggest that 38 per cent of companies have some form of voice-mail, compared to fewer than 200 systems installed nationwide in 1989.

But voice-mail is not always good news for the companies that install it. Phone hackers - "phreakers" - have found the automated switchboards that let you transfer between extensions are a fruitful area for attack. With a little skill and applied intelligence, they can guess the code number of the owner of a voice-mail "box" (the answering-machine aspect of the system) and listen to messages there. Some more experimentation lets them set the extension up so that they can dial out to the extension of their choice. From there, the sky's the limit - especially where the company's telephone bill is concerned.

The phreaker's tale

(We met in a pub near a big city station. He had the etiolated late-teenager look of someone who has spent too much time awake when it is dark. How did it start?)

"I had wanted to be a hacker since I was quite young, but I never had a powerful computer. Then in 1992 I read a book called Approaching Zero which was about data crime in the computing world. I got more interested in becoming a hacker, but still didn't have a computer and modem.

"One paragraph of the book covered voice-mail and mentioned that it could be hacked, though it didn't say how. But you didn't need a computer, just a domestic phone. I already had that.

"So I bought a computer magazine, figuring that computer companies would advertise there and they would be likely to have voice-mail. One of them had an 0800 number. I called it one night, got the automatic response, and started pressing the star and hash keys and various numbers pretty much at random. After a while I found I had broken into their voice-mail system. It was a great moment, a terrific moment, that first time.

"I realised that on a lot of extensions the key to the voice-mail was the same number as the extension. That was the default and no one had changed it. I broke into people's mailboxes and listened to their messages. Then I found you could set it to divert incoming calls to another number. I spent a couple of nights playing around to find out how: at first it seemed not to work. Then I realised I had to prefix the numbers with '9' to get an outside line. That meant if the extension wasn't answered - and it wasn't going to be because I was calling between 10pm and 7am - then it would divert to the outside number I had set. They wouldn't notice during the day because they would either pick it up, or else the person ringing them who got diverted would think something odd had happened, but not bother about it.

"After that I just started going for 0800 numbers, working through the Yellow Pages. It takes about 1,000 calls to find one company you can crack. It takes about one night of dialling hard to go through that many. I was really good at cracking the SDX switchboards and the BT Meridian.

"At the end of 1993, I read a newspaper article about voice-mail hacking and began to realise there were quite a few other people doing what I was doing. Once, I hacked a voice-mail system so I was the system administrator - I had the power to set up voice-mail boxes for myself. All this from my phone in my bedroom. As I was going through the mailboxes, listening to the messages, I found a small community of hackers in the system, using a spare box. I left them a message telling them to get in touch.

"I could use those voice-mail systems I'd broken into from anywhere in the country, and talk for hours for free. The companies paid for the 0800 number and they paid for the outgoing calls, too. If somebody did it to me, though, I'd be really pissed off.

"The people who sell these systems could tell customers about these flaws, but they don't. Instead, they wait until the customer is defrauded or somebody tells them. Sure, you can argue that it's still an offence for someone to drive away a car even if you've left it unlocked with the keys in the ignition. But it's like the voice-mail companies know there are thieves out there but they don't put in locks and they just have a switch for the ignition."

The company's tale: the information systems manager

"BT installed one of the Meridian switchboards when we moved to Richmond. At first we thought we had a problem with nuisance calls. At about 5.30pm there'd be a call, and when the person answered it the phone would be put down. We didn't think much more of it.

"I discovered totally by fluke that people were calling in, waiting for a number, inputting '9' and ringing places like the US and Pakistan all night. It was between October and December of 1994, for six weeks. We had 48 lines going out of the building and at some times - at about 4am - they would all be busy. I just happened to be late in the building one night when I heard some phones ringing. Then I checked the exchange to see the load on the phone switchboard. I drove home and started dialling our company number and messing around and suddenly I hit it. It gave me the willies, I can tell you.

"I told BT straight away, and they reprogrammed the switchboard remotely so that particular facility was disabled. But they had never told us people could just dial in and dial through like that. The hackers cost us pounds 54,000 during those six weeks."

The consultant's tale

(John Chatterton, based in Wargrave, Berkshire, has helped a number of companies fend off phreakers.)

"Virtually any phone exchange can be hit. Once a system is breached, the number of calls rises quickly for about a week or two and then reaches a plateau. Then it rises very sharply again, and goes to different countries as the number is spread to other phreakers over bulletin-board systems. Then it plateaus again. Then there's a final phase where calls get made to places like Africa, Russia and Pakistan, by which time the word is really all over.

"Most companies that get invaded are big, because they need a facility- rich exchange such as something that lets people dial in remotely to get voice-mail. Like computer hacking, no [company] tells the truth about being hit because it's too embarrassing. I have been trying to get cases brought to court but the companies are paranoid about anybody finding out that they were hit. In one week a team of phreakers could tot up a phone bill to a company of pounds 50,000, accelerating up to pounds 100,000 per week. The limiting resource is how many outgoing lines there are at the company.

"But hacking could always have been avoided. It's carelessness. The trouble is, these systems are being provided to people who haven't got the technical competence, which makes them natural victims. Or else the company's been getting rid of its telecoms department and replacing them with this switchboard, so there's no expertise inside the company."

News
The guide, since withdrawn, used illustrations and text to help people understand the court process (Getty)
newsMinistry of Justice gets law 'terribly wrong' in its guide to courts
News
Bobbi Kristina Brown with her mother Whitney Houston in 2011
people
News
Starting the day with a three-egg omelette could make people more charitable, according to new research
scienceFeed someone a big omelette, and they may give twice as much, thanks to a compound in the eggs
News
Top Gun actor Val Kilmer lost his small claims court battle in Van Nuys with the landlord of his Malibu mansion to get back his deposit after wallpapering over the kitchen cabinets
people
PROMOTED VIDEO
Have you tried new the Independent Digital Edition apps?
Life and Style
ebookNow available in paperback
ebooks
ebookPart of The Independent’s new eBook series The Great Composers
News
The actress Geraldine McEwan was perhaps best known for playing Agatha Christie's detective, Miss Marple (Rex)
peopleShe won a Bafta in 1991 for her role in Oranges Are Not The Only Fruit
News
newsPatrick Cockburn was able to update his agenda-setting 'The Rise of Islamic State' while under attack in Baghdad
News
Robert Fraser, aka Groovy Bob
peopleA new show honours Robert Fraser, one of the era's forgotten players
Life and Style
Torsten Sherwood's Noook is a simple construction toy for creating mini-architecture
tech
Sport
David Silva celebrates with Sergio Aguero after equalising against Chelsea
footballChelsea 1 Manchester City 1
News
i100
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs General

    Recruitment Genius: Online Media Sales Trainee

    £15000 - £30000 per annum: Recruitment Genius: Now our rapidly expanding and A...

    Recruitment Genius: Public House Manager / Management Couples

    £15000 - £20000 per annum: Recruitment Genius: Are you passionate about great ...

    Recruitment Genius: Production Planner

    £20000 - £30000 per annum: Recruitment Genius: This fast growing reinforcing s...

    Recruitment Genius: General Factory Operatives

    £18000 - £35000 per annum: Recruitment Genius: This fast growing reinforcing s...

    Day In a Page

    As in 1942, Germany must show restraint over Greece

    As in 1942, Germany must show restraint over Greece

    Mussolini tried to warn his ally of the danger of bringing the country to its knees. So should we, says Patrick Cockburn
    Britain's widening poverty gap should be causing outrage at the start of the election campaign

    The short stroll that should be our walk of shame

    Courting the global elite has failed to benefit Britain, as the vast disparity in wealth on display in the capital shows
    Homeless Veterans appeal: The rise of the working poor: when having a job cannot prevent poverty

    Homeless Veterans appeal

    The rise of the working poor: when having a job cannot prevent poverty
    Prince Charles the saviour of the nation? A new book highlights concerns about how political he will be when he eventually becomes king

    Prince Charles the saviour of the nation?

    A new book highlights concerns about how political he will be when he eventually becomes king
    How books can defeat Isis: Patrick Cockburn was able to update his agenda-setting 'The Rise of Islamic State' while under attack in Baghdad

    How books can defeat Isis

    Patrick Cockburn was able to update his agenda-setting 'The Rise of Islamic State' while under attack in Baghdad
    Judith Hackitt: The myths of elf 'n' safety

    Judith Hackitt: The myths of elf 'n' safety

    She may be in charge of minimising our risks of injury, but the chair of the Health and Safety Executive still wants children to be able to hurt themselves
    The open loathing between Barack Obama and Benjamin Netanyahu just got worse

    The open loathing between Obama and Netanyahu just got worse

    The Israeli PM's relationship with the Obama has always been chilly, but going over the President's head on Iran will do him no favours, says Rupert Cornwell
    French chefs get 'le huff' as nation slips down global cuisine rankings

    French chefs get 'le huff' as nation slips down global cuisine rankings

    Fury at British best restaurants survey sees French magazine produce a rival list
    Star choreographer Matthew Bourne gives young carers a chance to perform at Sadler's Wells

    Young carers to make dance debut

    What happened when superstar choreographer Matthew Bourne encouraged 27 teenage carers to think about themselves for once?
    Design Council's 70th anniversary: Four of the most intriguing prototypes from Ones to Watch

    Design Council's 70th anniversary

    Four of the most intriguing prototypes from Ones to Watch
    Dame Harriet Walter: The actress on learning what it is to age, plastic surgery, and her unease at being honoured by the establishment

    Dame Harriet Walter interview

    The actress on learning what it is to age, plastic surgery, and her unease at being honoured by the establishment
    Art should not be a slave to the ideas driving it

    Art should not be a slave to the ideas driving it

    Critics of Tom Stoppard's new play seem to agree that cerebral can never trump character, says DJ Taylor
    Bill Granger recipes: Our chef's winter salads will make you feel energised through February

    Bill Granger's winter salads

    Salads aren't just a bit on the side, says our chef - their crunch, colour and natural goodness are perfect for a midwinter pick-me-up
    England vs Wales: Cool head George Ford ready to put out dragon fire

    George Ford: Cool head ready to put out dragon fire

    No 10’s calmness under pressure will be key for England in Cardiff
    Michael Calvin: Time for Old Firm to put aside bigotry and forge new links

    Michael Calvin's Last Word

    Time for Old Firm to put aside bigotry and forge new links