TL;DR(1) – Telstra has a bug in their landline system. It’s time to get rid of it for good.
TL;DR(2) – The bug is when someone calls your landline they can prevent you from hanging up. Find out how to test, and how to protect yourself from scams.
This is Part 2 of Scammers making use of Telstra landline bug. Read about the scam in Part 1.
Yes, it is a bug
Bug, n:
An error in software[1] that causes results to be different from expected.
Section 7.2.1? Just gimme a phone that works[2]
Let’s get one thing straight: I’m calling it a bug … #CallASpadeASpade. I certainly understand the people who point out the phone network complies with Section 7.2.1 of BT SIN 721 [pdf] (or Australia’s equivalent), but that is extraordinarily unhelpful. Most people expect calls to disconnect when they hang up. Therefore (to most people) it is a bug.
Now that’s out of the way, on to checking your landline for the bug, and protecting yourself from scams.
Testing your landline (easy)
Instructions for testing:
- The most reliable test is from another landline,[3] within the same local calling area. So you should ask a friend or neighbour. The caller is the A-party, calling your landline (the B-party).
- The A-party calls the B-party who answers.
RESULT: A & B parties talking. - B-party hangs up.
RESULT: A-party hears silence. - [OPTIONAL] Using a mobile phone or similar, quickly call the B-party.
RESULT: False busy tone.[4] - B-party picks up (within 30 seconds).
RESULT: They connect back to the A-party. A & B parties talking. - B-party hangs up. The A-party should time how long it takes before they hear disconnect (beeping) tone.
LIKELY RESULT: 30 or 90 seconds, but could be five minutes. - Repeat the test, but A & B parties should swap roles.
Here, you’re doing your friend a favour by testing their landline for the same bug.
Shocked?
The official term is CSH (Called Subscriber Held) or A-Party Hold Release[correction]. I call it a very nasty bug because the victim (having received an unusual call) believes they’re doing the right thing by initiating their own call to verify the circumstances, but in reality they are still connected to the A-party scammer. This bug can be used in many different ways by different scammers, particularly to glean private information from the victim, but it is also possible to simply cause confusion, or lure someone to their death.
Continue reading to learn if a scammer is still on your line after a call.
How to protect yourself
Every man and his dog is making calls[5] (video, 0m59s)
By now, every man and his dog will have called each other and concluded their landline is vulnerable. Based on discussions with Internode (my telephone provider), Telstra has informed them that there is “nothing that can be done”. Even if they change their mind, it might take three to six months.
So, in the meantime, if you get any strange call (or they hang up just as you answer) stop and think. If you call someone else quickly, you might fall victim. You have to check your landline is genuinely free.
Probably the best way is to use your mobile telephone to call your landline; you should hear ringing through your mobile, and hear the landline ringing[4]. You don’t have to answer your landline, so hang up (end call) on the mobile, to avoid being charged. If you can’t do that, there have been some other suggestions from various people.
- If you have a toll bar on your landline, call a barred number. The wording of the message should be exactly the same.
Perhaps you should organise 1900 barring now, if you don’t have it already. - Call a trusted friend or loved one. BEWARE: The scammer may still be on the line, eavesdropping.
- Sidestep the issue by using a different telephone (or mobile telephone) to make your outgoing call (to the bank/police).
- Wait five minutes for the line to clear
The problem with this is clearing times vary significantly, and the scammer could simply defeat you by calling you again at the four-minute mark.
Complexity, complexity, complexity
Australians have a habit of making simple things complex (yes, train tickets in Melbourne are too complex for tourists and locals), but I am still stunned that the act of hanging up the telephone is this complex.
I am entitled to think that it will work as expected (as it does in New Zealand).
And I’m entitled to think that a scammer will not be able to interfere with the use of my telephone, or any other technology. CSH (as it is termed) should have died with the last mechanical exchange, and it is time to get rid of it for good, in order to protect people from fraud[6], as well as make the phone network simple to use.
UPDATE (and change of plan) Part 3 is now available as How I was an Unwitting Victim – 21 Years Ago.
The planned Facts and myths about this landline bug will now be Part 4.
Links, Footnotes, and Updates
- The Age – second article on the topic
http://www.theage.com.au/money/fraudsters-rip-off-5m-from-elderly-victims-using-telephone-scam-20160404-gnxpbu.html - The Age – first article on the topic (but no mention of the landline problem at all)
http://www.theage.com.au/money/dont-fall-for-fraud-this-april-fools-day-20160327-gnrtha.html - Whirlpool – phone scam
https://forums.whirlpool.net.au/forum-replies.cfm?t=2518168 - BBC – Similar news article in the UK
http://www.bbc.com/news/uk-england-dorset-25986699 - Sunshine: television show segment showing interview with Arthur Katsogiannis of the NSW Fraud and Cybercrime Squad
https://au.tv.yahoo.com/sunrise/video/watch/30872608/police-warn-of-new-phone-scam/ (4 minute video) - Information Security Stack Exchange: Does hanging up on a UK landline call not terminate the connection?
http://security.stackexchange.com/questions/100268/does-hanging-up-on-a-uk-landline-call-not-terminate-the-connection - BT SIN 351: Technical Characteristics Of The Single Analogue Line Interface
(PDF) http://www.sinet.bt.com/sinet/SINs/pdf/351v4p6.pdf - Telstra’s own advice (“clearing the line”)
https://www.telstra.com.au/consumer-advice/unwelcome-calls/call-types - [1] It could also be an error in the settings (configuration). Strictly these errors are not bugs, but someone outside the system has no way of telling, so let’s not blame them for calling it a bug?
- [2] By S. E. Stokowski (Own work) [CC BY-SA 4.0 (http://creativecommons.org/licenses/by-sa/4.0)], via Wikimedia Commons
- [3] A mobile can be used to call your landline, but I’ve only reproduced a 12-second lockout. Bear in mind you need (another) mobile phone for step 4, and you can’t swap roles for step 7.
- [4] If you (the B-party) have the Call Waiting feature on your line, results may be different. I’d be interested to hear (submit a comment).
- [5] Video: Telecom NZ Call Diversion television advertisement; source: YouTube.
- [6] Look in the mirror. Just above your neck, there is a face and a head, and inside the head there is a significant mass of gray matter, neurons, and synapses. It’s called a brain, and one is strongly advised to use it. Putting your brain into gear (a.k.a. “thinking”) is the best defence against fraud. But if you’re not confident, you can also use someone else’s brain: it’s called “asking their opinion/advice”. Try it with a trusted friend or family member. Having said that, very few brains are equipped with the knowledge of this landline bug, and that is the whole point of this article.
- Update 1: Added Telstra link.
- Update 2: Corrected: A-Party
HoldRelease
So I’m curious: does this issue affect all Australian landlines, including non-traditional lines such as VOIP and those delivered via cable networks such as Optus? Or is it just traditional PSTN lines?
I’m unsure about cable networks (eg via Optus – also known as Hybrid Fibre/Cable [HFC]), NBN services, and TPG’s bundled deal.
Does not affect VoIP (MyNetFone and my work’s VoIP) … calling from somewhere to my VoIP line gives an immediate disconnect. But my test from a VoIP line to a traditional copper PSTN line gave me a 30-second lockout (on the PSTN line). Therefore a VoIP user cannot be victimised, but they may be able to perpetrate a lockout against someone else.