Long distance charges, Sao Tome and AT&T

Anderson Johnston andy at umbc.edu
Wed Jan 29 00:00:18 GMT 2003

I've got a weird one.

A student (who lives at home) told me that her mother received a phone
bill from AT&T with a long distance charge to Sao Tome, a small island
nation of the west coast of Africa (www.sao-tome.com).  The student uses
our dial-up modems to get an Internet connection.

When the student's mother called AT&T to protest the charge (apparently
this was not the first time), she was told that the phone charge was
imposed by a web site on the Internet and that she would have to talk to
her ISP (our university).  I called AT&T customer service myself with the
billing details provided by the student.

After some checking, the service person told me that certain "adult" web
sites registered in Sao Tome (www.nic.st) have arranged to bill viewers
through AT&T.  Apparently, viewers are warned that if they enter such a
site, they will be charged on their phone bill.  Also, these web site
could determine the phone number of the caller "from the modem".  Of
course, many web surfers don't use modems at all these days, and there is
no way for a web site to get such information from a modem anyway, but
none of this appeared relevant.

So I googled.  There seem to be two possibilities:

	a.) Some ".st" sites might arrange to bill your phone number if
		you choose to provide it.
	b.) Some sites might allow (require?) you to download software
		which will dial Sao Tome to access whatever they have to
		offer.  (So what if you don't have a modem? You can't get
		to them at all?)

There are reports that seem to point at variants of b.), including some of
a worm that calls Sao Tome.

Can anyone shed any light on this?

						- Andy Johnston

** Andy Johnston (andy at umbc.edu)          *            pager: 410-678-8949  **
** Manager of IT Security                 * PGP key:(afj2002) 4096/8448B056 **
** Office of Information Technology, UMBC *   4A B4 96 64 D9 B6 EF E3 21 9A **
** 410-455-2583 (v)/410-455-1065 (f)      *   46 1A 37 11 F5 6C 84 48 B0 56 **

More information about the unisog mailing list