Rogue Dialers - The Net's Latest Scamola!
By Robert Palmer
Posted Wednesday, July 28, 2004
If recent news stories concerning worms, trojans and security exploits within Microsoft's Internet Explorer, left you feeling vulnerable, this will leave you terrified. PC's the world over are already being hit by a new breed of trojan type software called Rogue Dialers. More malevolent than most ordinary spyware, Rogue Dialers actually hijack the computer's modem and then uses it to dial-up a premium rate telephone number, racking up huge telephone charges. Many Dialers operate whilst the victim is actively surfing the Net by dropping the current connection and then performing an automatic reconnection via a premium rate number. Most scary of all are the Dialers which connect themselves to a premium rate number while the victim is away from their machine, achieving this by detecting long periods of inactivity.
Most "infections" of Rogue Dialers are contracted by the "drive-by download" method, where-by the dialer software is automatically downloaded from a webpage without the victim ever being aware. This method of installing software onto a users PC was pioneered by the online adult services industry as a way of putting spy and adware programs onto a customers PC without them knowing. Originally confined to adult websites, drive-by downloads of spyware used to be known as the Electronic Pox; a risk the end-user took when visiting adult websites. Of course, just like the first pop-up box, also developed by the adult industry, the rest of the Internet was soon to follow. Thanks to a glaringly obvious design flaw in Microsoft's Outlook Express, which allows emails, including those containing HTML and embedded malevolent code, to be previewed without any warning, Rogue Dialers can be placed onto a victims PC without them ever going near a website. Rogue Dialers are just the next generation of electronic misery which can be inflicted upon the end-user. Unfortunately for any victims, Rogue Dialers hit the pocket and they hit it hard!
In America, one victim of a Rogue Dialer scam racked up some $500 in charges after their modem was hijacked and a premium rate number was contacted on just six occasions. In the UK too, numerous victims have reported huge telephone charges, with some in excess of £1500 ($2800).
The consumer website, Bad Business Bureau has received over 1300 complaints from victims of this latest scam and, while this whole matter is being investigated by Federal Trade Commission in the States and by the Office of Fair Trading in the UK, scammers are already responding with new software which dials numbers in countries where trade controls are lacking.
A further blow has recently been delivered to UK based victims with announcements from the leading telecoms providers, BT and NTL that they are "not responsible" for calls which have been made fraudulently and that customers will not be exempted from any charges incurred.
Protecting Yourself & Your Wallet
Firewalls and and anti-virus software WILL NOT provide protection against Rogue Dialer infections. The "drive-by download" method of introducing a Rogue Dialer onto a PC normally involves an ActiveX script and users advised, at the very least, to set their browser settings to either disable ActiveX or warn of its existence. For a more professional approach to protecting your modem, StopItNow, an Australian based software company has released a specific Rogue Dialer killer which retails for just $16.95.
To avoid having a Rogue Dialer dumped onto their computer via the preview pane of Outlook Express, users may want to consider an alternative email client such as the freeware program, Eudora.
Related Links:
* (http://www.badbusinessbureau.com)
* (http://www.stopitnow.com.au)
* (http://www.ftc.gov)
* (http://www.oftel.gov.uk)
* (http://www.eudora.com)
About The Author
Robert Palmer is CEO of deskNET Communications (http://www.desknet.co.uk) - providing webmasters and e-commerce with a more successful alternative to opt-in email marketing and email newsletters.
info@desknet.co.uk