Bootleg Cellular Phones Are Dialing Up a Fortune : Fraud: ‘No-bill’ devices spread nationwide after emerging in Southland. Safeguards do not always work.

Chuck Welch knew something was wrong when he saw the $1,500 bill from LA Cellular--more than 10 times what it should have been.

The retired Hollywood resident, it turns out, was the victim of a new strain of fraud that began in Southern California and is spreading nationwide. His cellular phone had been “cloned”--enabling someone with an illegally purchased telephone, equipped with a counterfeit electronic device, to place calls for free and bill them to Welch.

Even though LA Cellular forgave his bill, an angry Welch canceled the service. “It just wasn’t worth the bother,” he said. The phone’s security system is “just too easy to crack. They need to go back to the drawing board.”

The cellular phone industry admits that it has a serious problem on its hands, and law enforcement authorities agree. Federal agents in Los Angeles recently arrested half a dozen Southern California men for selling thousands of so-called no-bill cellular phones.

Carrying price tags of $300 to $1,500, these phones are remarkably easy to buy--if you know where to look. Some can be found at Southern California flea markets, but most are sold clandestinely through small independent cellular equipment shops, according to law enforcement officials who stake out these spots to catch violators.

The illegal phones can typically be used for about a month before the cellular company discovers the problem with a specific phone number and deactivates it. But scam artists have found ways to reprogram their phones to use a different number.

Still, law enforcement officials say, the devices have been purchased by thousands of buyers, including some who could afford to pay for the service: professional athletes, college professors, doctors, lawyers and Hollywood personalities.

But the majority of the customers are a different breed: “John Q. Public, who decides he needs a portable phone but can’t afford to pay the usage charges,” said Stan Belitz, chief of the Secret Service’s fraud investigation team in Los Angeles.

The latest scam underscores how cellular fraud has grown into a $1-million-a-day problem that has seeped beyond the criminal fringe and into the everyday fabric of society. First popular with car thieves, drug dealers and other mobile criminals, the illegal phones are used by ordinary people with a little larceny in their hearts.

“The vast majority of the buyers are cellular shoplifters,” said Lee Kaywork, chairman of the Cellular Telecommunications Industry Assn.’s fraud task force. “They are otherwise law-abiding citizens. But people will do anything if they think they won’t get caught.”

Many bandits easily evade safeguards that cannot handle this type of sophisticated crime. And when the cellular shoplifters are caught, an overloaded legal system often elects not to prosecute in order to pursue more serious offenses.

But the nation’s telecommunications industry is perhaps most upset because abuse is spreading just as the industry prepares to launch the next generation of wireless telephones. Industry officials fear that the fraud will undermine public confidence in the privacy and security of a system that is easily tampered with.

“The safety of wireless communications is everyone’s concern, and it’s a legitimate one,” said David Daniels, fraud control manager of PacTel Cellular, operator of the state’s largest wireless network.

Cellular phone makers expect to equip their products with advanced encryption technology within the next two years but even that may not ensure a foolproof system. “These con artists are pretty savvy,” Daniels said. “So far, for every countermeasure we come up with, they come up with another fraud.”

Like its predecessors, this latest cellular scam started in Southern California, the cellular phone capital of the United States and epicenter of its fraud activity. Southern California is home to about 11% of the 10 million cellular customers in the United States and generates about a third of the country’s cellular fraud, according to telecommunications industry officials.

The first cellular scams were versions of the time-honored credit card frauds. Crooks would use fake or stolen identification and credit references to establish bogus accounts with cellular operators. This scam, still the most prevalent throughout the nation, is generally short-lived because cellular operators shut off service within a month or two after the bills are not paid.

The next schemes began appearing about four years ago and trace their origins to a computer program written by Kenneth Bailey, a programmer from Laguna Niguel.

The program’s claim to fame is that it is the first to unlock the complicated electronic codes that cellular telephones use to gain entry to the telecommunications airwaves.

According to law enforcement officials, Bailey’s software strips a cellular telephone of its two, original electronic identification signals and reprograms the device to generate random, counterfeit signals to trick the cellular network into letting the call go through. As a result, users could make cellular phone calls anywhere throughout the world while the charges accumulated on nonexistent billing accounts. The scam, known as “tumbling,” has cost cellular phone companies hundreds of millions of dollars over the last four years and remains one of the most popular scams in some parts of the country.

Secret Service agents arrested Bailey in 1989 on charges of trafficking in counterfeit devices. The government is considering whether to appeal a ruling last month that overturned his conviction.

Meanwhile, cellular operators have raced to thwart his invention by installing costly new software in their networks to verify a user’s account every time a call is made. Although this software has been installed throughout much of the network serving Southern California, it is by no means universal. Outside the region, industry officials acknowledge, few network operators have undertaken the extra expense.

But even the new software has not proved to be a significant deterrent to the determined con artist. Law enforcement officials say that cellular criminals have turned to “cloning” to gain access to the airwaves.

In this scam, phones are altered to generate copies of the electronic identification signals of cellular accounts held by bona fide customers. The phones are then sold as no-bill devices.

“Most cellular technicians have access somehow to the illegal software needed to reprogram these phones. I can almost find it anywhere,” said Tom Moore, a private investigator retained by the cellular industry. The San Fernando Valley and South-Central Los Angeles, he says, are especially known for having a large number of shops willing to sell the no-bill phones.

Because cloned numbers are relatively easy to detect by vigilant cellular subscribers and alert service providers, the scam artists have devised a way to generate repeat business for their no-bill enterprise. As soon as one number is deactivated, the no-bill phone owner can return his handset to the seller, and--for another fee--have the phone reprogrammed to generate another cloned signal.

Moore said that some operators, who can be reached by beeper phone, have been seen meeting customers in gas stations. After plugging the phone into a laptop computer and punching a few keys, a deactivated phone has been given another 20 days to 45 days of no-bill life. According to Moore, operators typically charge $150 for the first alteration and $75 for follow-up visits.

“The average customer of these operators is more than willing to pay $150 for a phone that they know they can use to make $4,000 to $5,000 worth of calls,” Moore said. “The economy is tough and people just don’t want to spend 45 cents per minute. But they still want to have their portable phones.”

Cellular operators in Southern California are trying to crack down on the latest twist in illegal calling by installing more software on their networks that is designed to uncover suspicious calling patterns.

Investigators know that calls from the same phone number within minutes of each other but from widely distant spots is one sure sign of cloning fraud. Because cloned phones are often used by “call sell” operators who sell air time for inflated prices to immigrants, repeated calls to one or two foreign countries are another prime indicator of potential abuse. Investigators also monitor the network to locate cellular phones that are used around the clock, another clue that a phone is being passed around for free use.

However, investigators admit that tracking down a sporadic or judicious user of a no-bill phone is difficult. Because most bona fide cellular customers are businesses or business people who are reimbursed for their phone bills, many subscribers do not notice a few extra charges on the account.

Even signal encryption promised within the next two years by new digital cellular technology cannot fully protect the airwaves from fraud. “We’d like to think that the emerging technologies will improve the situation,” Kaywork said, “but clearly any time you’re using wireless, you run the risk of exposure to crime.”