"90#" Phone Scam - U-M Virus Busters

The "90#" Telephone Scam Warning Is (mostly) A Hoax

by Bruce P. Burrell (bpb@umich.edu
for the U-M Virus Busters (virus.busters@umich.edu)

Last significant update: 16 February 1998

This information can be freely reproduced in any medium, as long as the information is unmodified.

We first heard of the "90#" telephone scam from Harold Lines on 13 February 1998. Thanks, Harold!

While this seemed unlikely to be something that would work on most phones, we checked to make sure. A security expert for U.S. West who told me the following:

If a phone company needs to repair a phone, they NEVER call you to assist in the repair. Either they do all testing remotely, or they do it in person. [It's a good idea to demand identification should a telephone repair person appear unexpectedly on your doorstep, of course!]

Hence this warning falls into the "vaguely good general advice" category, like "wear your raincoat when it's raining" and "don't accept candy from strangers." The problem is that the advice in this "scam alert" isn't very useful -- if there are any phone systems susceptible to this scam, they are very rare. That makes forwarding this "advice" about as useful as telling a Sahara Desert dweller to wear a raincoat.

Here's the text of the "scam alert":

 
On Saturday,  24 January 1998, Naval Air Station, Joint Reserve Base,
New Orleans' Quarterdeck received a telephone call from an individual
identifying himself as an AT&T Service Technician that was running a
test on our telephone lines.  He stated that to complete the test the
QMOW should touch nine (9), zero (0), pound sign (#) and hang up.
Luckily, the QMOW was suspicious and refused.  Upon contacting the
telephone company we were informed that by pushing 90# you end up
giving the individual that called you access to your telephone line
and allows them to place a long distance telephone call, with the
charge appearing on your telephone call.  We were further informed
that this scam has been originating from many of the local
jails/prisons.  Please "pass the word".

Please do not forward this -- or anything similar -- to all your friends.

Instead, you should reply to the sender -- and as far back up the email chain as you have energy -- informing the originators that this is just junk email. For this particular case, I suggest that you provide a pointer to this URL (http://www.umich.edu/~virus-busters/hoaxes/phone.html)

Another good site to visit for info about "90#" is ATT's page on this scam (leaving our site). Thanks to Barry Cohen for bringing that page to our attention.

Note: this link is now defunct; you can see a copy of it, though, via the Wayback Machine's archived copy (leaving our site).
For virus or hoax info, please see our main page (http://www.umich.edu/~virus-busters/) or go to another reputable site, like DataFellows (leaving our site).

-BPB

Last updated: Tuesday, 11-Jan-2005 23:24:02 EST.
University of Michigan Virus Busters - virus.busters@umich.edu

visits to this page since 23 February 1998 04:09 EDT