MILLIONS of dollars are being ripped off phone users in Australia by
hackers using increasingly elaborate phone scams.  Households, businesses
and mobile phone users have become victims of widespread and systematic
phone fraud.

[Phone hackers or scam artists? Phone hackers (aka Phreaks)
 are in it for the love of technology, not making massive fraudulent calls.
 Yet this article continually uses 'hackers' in place of ANYONE making ANY 
 illegal call.]

As carriers Telstra and Optus make advances in protecting their
telecommunications networks, hackers are increasingly adept at breaking
their security codes to rip off users. 

The Herald Sun has discovered many cases of billing discrepancies blamed
on hackers, including one householder charged $10,000 for calls he said he
never made. 

A Herald Sun investigation has also shown:  SEX calls to chat lines in the
United States, Guyana, the Dominican Republic, Russia, Chile and the
Seychelles are commonly charged to other people's accounts.  HACKERS can
divert their Internet, local and international call costs without

BUSINESSES with internal exchanges, or PABX, are particularly vulnerable
and are frequently being billed for hackers' forays.  MOBILE phones
thought tamper-proof can be hacked into by cloning their SIM cards, the ID
chip that controls billing.  Telecommunications industry deputy ombudsman
Wally Rothwell said hacking had become a costly reality. 

"Hacking could be costing consumers in the region of millions of dollars," 
he said. "Some of these calls are very expensive - sex calls, for example,
can be up to $30 just to be connected." 

Between January and March this year, 426 complaints were made over calls
householders and small businesses believed they never made.  Mr Rothwell
said "phreaking" - a fraud in which calls are diverted through someone
else's phone - had been proven possible from within telephone exchanges.
"However, we are yet to see it proved that hacking can be done remotely or
from outside the telephone exchange," he said. 

But a former "phreaker" told the Herald Sun hackers established years ago
how to illegally get into exchanges from external lines.  Andre Dedio, 32,
an Internet service provider, said methods ranged from crude to advanced. 

"When I was doing it I was using my computer to program the exchange to do
what I wanted it to do," Mr Dedio said.

"Expert phreakers use normal telephone lines and home computers to
generate certain sounds that will open the exchange trunk," he said.  He
said hackers also access private telephone lines by manipulating gadgetry
inside exchange pits in suburban streets.  They could easily divert their
calls through their neighbors, he said, but this was crude. 

"If you can get into the exchange you don't have to hijack someone's
telephone line," he said.

Head of Queensland University of Technology's school of data
communications, Prof. Bill Caelli, said even the most sophisticated
national network was not safe.  Many companies with PABX systems had
succumbed to multi-million dollar phone fraud in the UK, US and Canada. 
Researchers at Berkeley University, California, last month proved digital
phones were no longer secure, having cloned the SIM chip that controls
billing, he said. 

The Australian Communications Authority said big companies had to be extra

"The bigger the company, the bigger the bill and the easier it is for
hackers to avoid being spotted," spokesman Frank Nowlan said.  The maximum
penalty for phreaking is five years' jail under the federal Crimes Act. 

Telstra spokesman Stephen Nason said Telstra believed its network security
was world's best practice in protection against hackers.  "While no
network is 100 per cent bullet-proof, we believe the Telstra network to be
absolutely world-class," he said.  Hacking was not widespread, he said,
with probably fewer than 50 cases a year in Australia. 

Optus spokeswoman Kristin Meagher said Optus had no evidence of hacking on
its network.