AT&T's Gaping Hole
by Jinx
There is a glitch in AT&T Wireless Service that allows a user to receive free phone service.
There are cell phone customers who have been making calls free for months and may never be caught.
First let me tell you that I am merely exposing this glitch and do not advocate taking advantage of it in any way. And although I will give you specific information on how to socially engineer an activation fro this service, I do not condone it - stealing airtime is stealing, period. Now let me explain...
Prepaid activations require specific prepaid numbers from a certain exchange and prefix. However, when you activate a prepaid phone with a "regular" cell phone number, what happens is pure magic. A person is able to make and receive as many calls as he wants... for free. You don't have to buy a prepaid card ever. You just activate prepaid service with a regular style phone number and voilà, free phone service.
Please take note that all AT& Wireless centers nationally use Lightbridge and CBIS to activate phones, and we all share/gain access by using Citrix ICA client to access a main server somewhere in the Midwest. Meaning that AT&T's little glitch is national, not just in one market.
AT&T's Tech Support Group has been aware of this problem for a long time but has not fixed it because it is a rare occurrence and would cost beau-coup dollars to fix the glitch. Here is the really cool thing about this hole. AT&T prepaid service does not require you to give your name and address. So there is no way they can trace it to you, and even if they were able to catch you, it's not your fault you received free service - it's AT&T's fault.
Now you know how easy it is to get free service.
But here's the hard part: activating a prepaid account with a regular number. What to do, what to do? Usually when this mix-up happens, it is by pure chance, a mistake, a fluke. But it could be done intentionally if an evil person (not us) wanted to take advantage of it. There are a few ways to do it, but this is probably the best way. You need some social engineering skills because you have to pretend you are a cell phone sales rep.
Any place that sells AT&T cell phones is able to call us to do activations. You'd have to know PIN codes for their store, though. How do you find this out? Simple, listen in on a call. A rep calling us will usually say, "Hi, this is Mike from Circuit City blah blah, my PIN code is LAX0000." Once you have the PIN code, it's a piece of cake.
Call in, say you are so-and-so from Store #6969 and your PIN code is LAX-whatever. Ask them if you can have a regular number for a certain area code. They will ask you what pool you need it transferred to. You don't need to know your pool number, because the reps have a list. You do have to know where the fu*k you're calling from though, so tell them the name of your store and store number (important). Say "Thank you." and hang up. Call back two minutes later, ask to do a prepaid activation, and tell them you already have a number selected. Give them the regular number that you just got two minutes ago, the ESN, your PIN code, etc. AT&T's system will not catch the error and the only way the rep will catch it is if they have every phone prefix memorized and they won't.
The reps usually don't even pay attention and just want to get you off the phone so they can answer the next call.
While I'm sure this error will be fixed someday, I am just amazed that AT&T does not make it a priority. Once the secret is out, there's bound do be tons of problems. Maybe exposing it to you all will put AT&T on their tippy toes.
Have a nice day cell phreaks, and thank you for calling AT&T.