FBI investigates PSAP phone attacks, extortion

FBI Investigates PSAP Phone Attacks, Extortion Posted: 13 Mar 2013 02:31 PM PDT At least two 911 centers in the United States have been victimized by a team of telephone extortionists who have demanded repayment of an employee’s alleged loan, and who then blocked the agency’s telephone number with a flood of incoming calls when the agency refused. In one case the attack spanned three days and caused some calls to roll over to a back-up agency’s comm center. The latest attack happened today at an undisclosed communications center, potentially blocking critical citizen communications. The Association of Public Safety Communications Officials (APCO) issued a warning about the scheme, which has been used for many years, and is dubbed the “payday loan attack.” The caller claims to be from a loan collections company, and attempts to make the business/PSAP responsible for paying back an employee’s loan. When the company or PSAP refuses, the suspects begin a telephone dialing attack. Until now, such extortionists haven’t called public safety comm centers, but over the past month have included comm centers on their call list. APCO did not provide details on what types of telephone numbers are being called by the suspects. The group’s warning noted that many other agencies may have been targeted by the criminals, but did not reported the attacks. APCO is asking agencies that have experienced loan demands, blocked telephone lines or other suspicious situations to contact the association with details: Jay English, Director of Communications Center and 9-1-1 Services, englishj@apcointl.org. Read the group’s recommendations in handling such extortion demands after the break. APCO International recommended the following: Targeted organizations should not pay the blackmail. Contact your telephone service provider; they may be able to assist by blocking portions of the attack A call back number to the “collections” company or requesting organization should be requested and logged. Any information you can obtain about the caller, or his/her organization will be of tremendous assistance in this investigation and in preventing further attacks. Record and report the payment method and account numbers where the “collections” company requests the debt to be paid. Reporting any information you may have regarding previous or future attacks to APCO will ensure wider dissemination and pooling of resources. What we know: § The attacks resulted in enough volume to cause a roll over to the alternate facility. § The attacks last for intermittent time periods over several hours. They may stop for several hours, then resume. At least one attack spanned a period of three days. § The attacks followed a person with a heavy accent demanding payment of $5,000 from the company because of default by an employee who either no longer works at the PSAP or never did. What we need from our members: § Additional insight into the scope and impact of the event- specifically how many communications centers have been attacked is critical to identifying the true scope of this occurrence. § In order to ensure situational awareness with our members and member agencies, it is critical that this information be disseminated to emergency communications centers, PSAP’s, government IT departments, and any related government agency with a vested interest in emergency communications continuity of operations.   - Source: "Dispatch Monthly Magazine"