Dialler Virus!!!!!???????

danny1234

I just received a recent Eircom Phone bill with International call charges totalling 25 Euros made on 1st April (April Fools Day). There were 3 seperate premium rate calls made to US islands in both the Pacific and Indian Ocean.

These phone calls were DEFINATELY not made by anyone in our household. My father had just disconnected from using the Internet 3 minutes before these calls were made.

When we queried the issue with Eircom they informed us that it was due to a dialler virus on our computer. They also said that this seemed to be a common complaint. We do not use an up to date virus scanner but will be purcahsing one soon.

Has anyone out there ever heard of a sophisticated dialler virus that would be able to call premium rate numbers in the States whenever it chose to???? If there was such a virus wouldn't it be International news???? Such a scam would surely be able to generate millions of dollars which is why I suspect the whole thing stinks.

More suspiciously, I recently heard an Irish chat show (Can't remember which) where people were complaining of similar Eircom charges all showing up on April Fools Day! Did someone hack into the Eircom system on that date???

Can anyone shed any light on the situation or offer any suggestions???? Answers appreciated.

dlofnep

A virus is self replicating code, this is merely a porn dialler or p.r.d.

(1) There is nothing you can do about it if you accepted the t&c's of the dialler.
(2) Re-read step 1.

Forget about it. Check your connections list and remove any unknown connection setups from the list. Also run ad-aware or spybot; these are pretty effective for removing diallers.

Tom Dunne

What happened here was somebody looked at some bogey site from your PC and it installed a dialler, most likely without your knowledge.

Sounds like you got off lightly. Most dialers sit in the background, wait until you dial the internet, disconnect you and then dial the premium rate number. You think you are dialing a local number, so you stay on for an hour or so. All the time, your phone bill grows exponentially. Eircom, seeing a business opportunity, have kindly created a "special" band for Deigo Garcia, which is something like 10 times more expensive than similar regions in that part of the world. So Eircom are complicit in this scam.

To protect yourself, get an to date virus scanner, get Ad-Aware (free) and Spybot Search and Destroy (free) and ZoneAlarm (also free). Also consider using another web browser such as Mozilla or Opera.

danny1234

RE : Tom Dunne

Thanks for replies people. 2 questions.

1) Can a dialler call 3 seperate phone numbers in the space of 20 mins. with no user interaction? The web was disconnected and there was no user attempt to reconnect.

2) In my first post I didn't mention that one location was indeed Deigo Garcia. If Eircom have set up a "special" band for a remote island in the Indian Ocean surely they are well aware of a scam going on. Not just that but they must know exactly who is doing it. I can't imagine many companies are operating out of Deigo Garcia????!! Complicit seems like an understatement.

P.S How do u know about Deigo Garcia?????!!!!!!!!!!

greglo23

to stop these diallers use spywareblaster from this link.
its a very simple tool to use and it`s regularly updated.

http://www.javacoolsoftware.com/spywareblaster.html

Tom Dunne

Originally posted by danny1234
1) Can a dialler call 3 seperate phone numbers in the space of 20 mins. with no user interaction? The web was disconnected and there was no user attempt to reconnect.

Absoloutley. If the computer is on and the line is connected, there is no reason it cannot dial up whatever number it is programmed. There are legitimate programs out there that will dial up the internet (say during the night) and download certain files/websites for you. Once they have finished downloading, they disconnect. So yes, it can quite easily be done.

If Eircom have set up a "special" band for a remote island in the Indian Ocean surely they are well aware of a scam going on.

Exactly. And there's not a damn thing you or me can do about it. See a rather heated discussion about this whole topic here .

P.S How do u know about Deigo Garcia?????!!!!!!!!!!

It said it on my parent's phone bill Did a bit of investigation and lo and behold, there was a dialer on their computer.

sceptre

Originally posted by danny1234
I can't imagine many companies are operating out of Deigo Garcia????!! Complicit seems like an understatement.

There isn't a single company actually operating out of Diego Garcia. Google for the place. It's had an interesting history.

danny1234

Does anyone out there know when Eircom's Band 13 was invented or when the rates went sky high? Did this coincide with Internet growth in Ireland?

Has anyone ever published an article on the issue or made it publicly aware?

ComReg don't seem to care about it as everything is legal and above board. Do the public care about it?

Kazu

a porn dialer get kerio personal firewall it would have detected it trying to connect to the internet and would ask you if you want it to connect or not very handy

Martyr

With the windows operating system, which I assume you use.
There are MANY dialing API which can be used to access the internet.

The great thing about windows is its functionality, and how useful it
can be to programmers, but sometimes for all the wrong reasons.

Some API, can let software dial up to the internet without any interaction
from the user at all.
It can also hide any activity from task bar or desktop.

Even with a virus scanner installed, there is never a guarantee
that it will pick up all malicious code you haven't installed
willingly on your system.
Still a good move though.

Keep the phone line disconnected unless you're using the internet.

clearz

Originally posted by danny1234

These phone calls were DEFINATELY not made by anyone in our household. My father had just disconnected from using the Internet 3 minutes before these calls were made.

Ask your father did he download any porn dialers:)

seamus

Go to
www.lavasoftusa.com and download "Ad-Aware".

Keep this program updated and use it to scan your computer once a week.

Porn diallers are simple pieces of software, which can easily be downloaded through user ignorance (have you ever had a box pop-up, and you just selected "Yes" or "OK" just to get it out of your face?) or through exploiting default or common security settings (another form of user ignorance).
Once installed, they are free to attempt to hijack your line, where they call premium rate numbers in foreign countries, and will stay connected as long as possible. Some will hang up & change numbers quickly to attempt to avoid detection by internet usage monitoring programs.

What can you do? Well, if you're faced with a large bill, it's tough. For all intents and purposes, it's your fault that your computer dialled these numbers. "I didn't know" is never an excuse. It can, and has been argued that eircom are exploiting unwitting users by creating a special expensive call band for the most commonly used dialling locations, but at the end of the day, they're not forcing you to dial these numbers, or defrauding you out of money.
So there are a few things you can do.
Search the web for some basic security precautions when surfing.
Have a look around in the security section of the Internet Options, to see what you can and can't block automatically.
Install a firewall. The vast majority of firewalls will warn you when any program is attempting to dial out to the internet, and won't allow it to do so until you give it the OK.
Download ad-aware, as above.

Comreg have released an informational booklet on the matter.
http://www.comreg.ie/_fileupload/publications/cg07.pdf

Be vigilant

sceptre

Originally posted by sceptre
There isn't a single company actually operating out of Diego Garcia. Google for the place. It's had an interesting history.

Quoting myself (it's a bad habit) but this (report on the fight of the islanders on DG to go home from last Thursday) might be of interest to anyone who has a half interest in where these calls are going. Nothing to do with security or telecoms, just background.