Date : Wed, 09 Mar 1988 23:24:00 MST
From : Keith Petersen <W8SDZ@SIMTEL20.ARPA>
Subject: Telenet security problem
The following message is relayed from my BBS. I am not the author.
The file is supplied "as-is" for informational purposes.
--Keith Petersen
--cut-here--
The following comes courtesy of P-Link:
-----> Telenet Security Problem <-----
There is a potentially serious problem if you use Telenet to connect to
any online service. Telenet is working on correcting the problem, but,
in the interim you should be very careful when using the Telenet
network.
Some individuals have discovered it is possible to call Telenet and
connect to other people who are attempting to log on. They will begin
to type typical Telenet prompts such as "Terminal =" and the "@" sign.
By observing your response, they can figure out which service you are
attempting to connect with (e.g. C PLINK..C DELPHI, C 202202) and then
they will type the appropriate prompts in order to get you to type in
your user I.D. and password.
Once they have your I.D. and password they will either disconnect or
give you some error message and ask you to try again. In either, case
they CANNOT give you access to the system you are trying to access.
To safeguard against this type of theft you should be very wary of any
failed attempt you have in connecting to any online system through
Telenet. If you have a failed connect attempt, we suggest you call
back IMMEDIATELY and change your password, if possible.
We recommend against automatic log-on procedures, if you use such.
Preferably, if you can do your online accessing through networks other
than Telenet, you should do so at this time.
Please note that those people participating in the above are engaging
in criminal activities. Telenet is working with law enforcement
agencies and the telephone companies in order to locate and prosecute
the offending parties.
Please share this information with others you come in contact with on
the other commercial networks.
People/Link Management