http://www.reversephonedetective.com/

Next time you are in Manhattan and a CloverField Monster attacks, it’s a handy thing to know exactly in real time where your friends are so you know where to rescue them… or should I say so they know where to get you!

Loopt is an awesome stakling widget that sends you updates on where your friends are in real time !

Then once you know where they are take the subways with hopstop !

VISHING

I am calling YOU from YOUR PHONE…
I can POSE as your BANK Teller from YOUR BANK.
Caller ID is something you should NEVER take on blind FAITH !
I just tried http://www.spoofcard.com / phonegangster.com / Star38.com and it works !

You can learn the driving force behind this and so much more as I did at
http://artofhacking.com/files/ob-faq.htm

A scary but perfect fraud to Xploit if you are an asshole that is LOL

One way I have figured our how to protect yourself from the spoofing from extensive testing of my own is to PROGRAM every phone number which is friendly to you as text YOU ONLY KNOW ! So when the original number shows and NOT your saved text, it is 90% a fraudulent signal…

One thing I have thought is a good thing to try is to spoof an employer and call and ask for a reference for “me” and see what is really said about your previous employment there…

what do you think of this counter-intelligence ? post back I wanna hear thoughts…

Heres a software have Phun

The attack is simple, according to Bob Egan of MobileCompetency.com, who wrote the report. Most cell phone providers offer a service called “skip passcode,” which allows mobile subscribers to enter their cell phone voicemail and select other administrative options without entering a numeric password. Callers are sometimes told the service is safe, because cell phone providers ensure the call is initiated from the handset owned by the consumer — making the password unnecessary.

But Eagan discovered that services use caller ID to authenticate the cell phone, and months ago, hackers learned how to spoof, or “trick” the caller ID system. Using such a service, a hacker can dial the mobile account holder’s telephone system and immediately access their voice mail and other services.

Essentially, knowing someone’s cell phone number is enough to gain access to their voice mail and all their administrative tools.

Heres the news clip I wrote breaking the story to 6ABC.com :

Last night (I am a local web programmer, digitial forensic developer, and cyber security advisor) I uncovered or perhaps even accidentally developed a technique to tap into Cingular customer voicemail service to listen to anyones voicemail from any phone BYPASSING password security thus totaly exploiting the customers privacy!

I would be happy to demonstrate how to do this and PLEASE NOTE this probably effects more than just CELL PHONES but people could spoof fraudlant calls — say I wanted to call from my house with a voice recorder and spoof calling from your BANK. I could then simply act like I am from your bank (becasue yor caller ID would say so) and If I sucker you into your bank info, I can then do whatever I want and there is NO LOG from where I called to trace me!

I am fearful especially for my grandmom and other senior citizens that do not get out much and would not know the difference. I am releasing this to YOU FIRST to report and want to protect them !

I have found a way to tell if it is a fraud call coming in, but havent yet found a way to protect the customer called because I do not have access to the VM system to further investigate.

Please have someone call me for more story details and a demo too!

Please call me for further details

JAaronAnderson.com

http://www.henryfirm.com/CM/Custom/ThankYou.asp

NEWS NOTES

I am a digital cyber-professional who is keenly aware of the Truth in Caller ID Act of 2007 and am not a criminal, I have previously asisted crime fighting departments such as the DEA in Dayton ohio and Cincinnati OH Investigation / Detective forces so with exposing this social reengineering technique, I do believe I’m helping out now here local in Philadelphia.
This is one of the typical approaches taken by many of the security community: Give the vendor enough time to fix their vulnerbility…

Cingular has evidently known about this since Feb 1st of 2006

If the vendor does not respond in a resonable amount of time - it is quite ethical to make noise about it so 1) The end uers (victims) are aware 2) The vendor gets their act to-gether and fixes the issue. maybe if enough shocked Cingular customers call the support line Cingular will fix the issue.

Verizon has mechanism against it but still identifies the number wrong WITH NO TRACE.

DONT SHARE HOW I DO it but that you CAN DO IT to tip off other hackers

It is taking advantage of FLEX ANI Automatic Number Identification

they should implement a try catch method from external gateways.

This doesn’t work with T-Mobile and Sprint. Their voice mail systems seem to have intelligence in place to recognize that the call is originating from an external gateway.

That said, if you are a Cingular customer, you might want to call your voicemail, and configure it to ask for a password even when you call the voicemail system from your handset.

The best way I have learned how to do this is by having linux, installing a softswitch like Asterisk and running NuPhone.net spoof.call method…

Phreaking is a slang term coined to describe the subculture activity of people who study, experiment with, or exploit phone systems.

The term “phreak” is a portmanteau of the words “phone” and “freak.” It may also refer to the use of various audio frequencies to manipulate a phone system^{[verification needed]}. “Phreak”, “phreaker”, or “phone phreak” are names used for and by individuals who participate in phreaking.

Now that 2600hertz phone tone level lines arent available to exploit because line are now operated by t1 carriers, this category is dedicated to topics of Phone Tips & lesser known tricks you can do with your phone.

Tips & Tricks

 Did you know 958# can provide you the number of the line you are on ?

Misconceptions

False :  Phreaking is dead!

True  :  Phreaking is not dead, maybe dying. It is not nearly as popular as it has been in the past.

False :  Boxes don’t work anymore!

True  :  Most boxes don’t work anymore… Some boxes only work under the right conditions.

False :  Hacking is better than phreaking.

True  :  Hacking and phreaking are both arts.  One is not better than the other.

False :  Phreaking is wrong.

True  :  Phreaking is only wrong if you abuse it. I believe there is merit I mastering the concepts behind one of our most vital forms of communication.

False :  There is no point of phreaking.

True  :  Phreaking gives you knowledge of the telephone system you use every day.  If you choose to abuse it… then
  there is no point in phreaking.

False :  A war dialer is a form of phreaking.

True  :  Although this my be considered more of an opinion, I believe that a war dialer is for hacking exclusively.  A war
  dialer has nothing to do with breaking into telephones, only finding carriers.

False :  The only aspects of phreaking are boxing and social engineering.

True  :  This is totally untrue.  Where there is new telephone technology, there is new aspects of phreaking.  And new
  telephone technology is being created daily.  (Although it is NOT being created as quickly as computer technology).

False :  Phreaking is totally safe.

True  :  Messing with electronics can be very dangerous.  Be careful!  There is always a chance that you could electrocute
  yourself.

False :  I cannot be caught when I am phreaking.

True  :  Phreaking for the wrong reasons can get you in alot of trouble.  Try as hard as possible to phreak only at night and not to phreak with you own telephone.  If you are caught phreaking, you will definitely regret it!

False :  When I am done this text, I will be a great phreak.

True  :  Nope.  This text is just to teach you the basics of phreaking.

Resources

http://www.inforeading.com Very good site for texts.

http://mystik.twoteeth.net Mystik’s site.

http://www.dugnet.net  Dugnet irc server’s site.

http://www.phonelosers.org Damned good prank calls.  =P

http://www.phonebashing.com Funny guys running around in cell phone suits, stealing cell phones and breaking them.

http://www.techfreakz.com Some pretty good information on scams and phreaking.

http://www.attrition.org Very good information on hacking/phreaking etc.