Comreg consultation on Internet Diallers

Moriarty

http://www.comreg.ie/whats_new/default.asp?ctype=5&nid=101698

Reference Number : 04/81

Protecting Phone Users from Internet Dialler Scam


PDF here.

Moriarty

From a quick glance over it, it looks pretty good. They're going to make all ISPs send off some emails to all registered subscribers informing them of the problems with these hijackers.

Further, they're going to force an introduction of opt-in call barring on 14 spots[1] that they've identified with these scams. All numbers to these spots will be barred from every customer account, unless the customer phones them up and specifically requests a specific phone number to be unbarred and the telco then makes sure that connects to a voice line. Telcos will not be allowed to charge consumers for any calls to these 14 destinations unless they've specifically requested access to them.


*[1]: Norfolk Island, Sao Tome and Principe, Cook Island, Tokelau, Diego Garcia, Wallis and Futuna, Nauru, Tuvalu, Comoros, Kiribati, Solomon Islands, Mauritania, French Polynesia and finally Thuraya Satellite.


<edited because it clearly is opt-in, not opt-out >

seamus

Excellent.
I particularly like them forcing them to apply opt-in (or is it opt-out, I thought it was opt-in because you had to opt-in to make calls to the locations).

Also, something else that looked good:

i) above, shall not charge any subscriber account for direct dial calls to
destinations listed in Appendix B unless the call invoiced was to a number
unbarred under a subscriber request as detailed above.

Just one thing, what does this mean?

c) The requirements under a) and b) shall be operable for a period of six months
from the date of the Decision Notice and shall lapse if not renewed or otherwise
amended following a further consultation.

So if in 6 months time, eircom whines loud enough about how much this is costing them to implement, comreg will simply flip-flop?

MarVeL

Looks like a very positive step alright. In fact it seems so logical that I am left wondering how exactly it will be shot down. Cost of barring calls maybe (€3.07 a month according to eircom and a €24.59 setup charge).

Then again this could be just the reason used for the next line rental hike

(Sorry feeling even more cynical then usual today. This really does look like a good proposal)

Ripwave

Originally posted by seamus
So if in 6 months time, eircom whines loud enough about how much this is costing them to implement, comreg will simply flip-flop?

Don't worry, in 6 months time, this still won't have been implemented, so eircom won't have anything to complain about.

60 months, maybe.

Gadgie

Originally posted by seamus
Just one thing, what does this mean?

It means that if your telephone service provider permits you to connect to a number in one of the destinations listed without you 'opting-in', then they can't charge you for that call. (eg. a porn dialler hijacks your computer and when you dial-up it connects to a number in Diego Garcia. You have not opted in to this destination, yet you are able to call this number from your line. The operator is at fault, you are not liable for any call charges incurred).

At least I think that's what it means...

gandalf

Why even bother with the consultation, they should just impliement it. Expect another fudge from the so called regulator :rolleyes:

seamus

Originally posted by Glenn
It means that if your telephone service provider permits you to connect to a number in one of the destinations listed without you 'opting-in', then they can't charge you for that call. (eg. a porn dialler hijacks your computer and when you dial-up it connects to a number in Diego Garcia. You have not opted in to this destination, yet you are able to call this number from your line. The operator is at fault, you are not liable for any call charges incurred).

At least I think that's what it means...

Actually I was wondering what the other bit meant, but yeah that's what b(i) means.

spongebob

Originally posted by Glenn
It means that if your telephone service provider permits you to connect to a number in one of the destinations listed without you 'opting-in', then they can't charge you for that call.

That is exactly what it means. The calls are barred by default and you are not liable unless the operator can show you asked to ring those countries.

The list is spot on too , even including that satphone range .

Well done Comreg, I couldn't ask for any more myself in terms of the structure and intent of the regulation. I expect the final direction to all Telcos by the end of August 2004 at the latest and that you will inspect the Eircom billing systems on the 1st of September to ensure full compliance with MASSIVE fines if anyone gets billed thereafter . Keep a close eye on the forms that them Winback fellas have too and on the basic contract .

A simple comprehensive and morally decent piece of consumer friendly regulation at last , albeit about 22 months After the problem was first highlighted on this Board in the following thread .

€ircon in Cahoots with Porn Dialler companies

I'll have to be really nice to them for a whole 2 weeks now

M

Ripwave

One of the most frustrating things about reading this kind of document is the consistent refusal to include hard data.

How many calls were made to Diego Garcia from Ireland in the first 6 months of this year? How many of them were to numbers that are known to be diallers?

Countries suspending some International communications must inform other ITU Member States - how many such notifications has Ireland received?

None of this information could conceivably be considered confidential, or even commecrially sensitive (while it might be embarrassing for eircom if it was revealed that they charged X amount of money for calls to known scam diallers, that's still not "commercially sensitive information").

seamus

Originally posted by Ripwave
How many calls were made to Diego Garcia from Ireland in the first 6 months of this year? How many of them were to numbers that are known to be diallers?

None of this information could conceivably be considered confidential, or even commecrially sensitive (while it might be embarrassing for eircom if it was revealed that they charged X amount of money for calls to known scam diallers, that's still not "commercially sensitive information").

What purpose would it serve? The document already highlights examples - the guy who got a €12,000 bill, ouch! - in order to stress the necessity of this regulation.

I fail to see the relevance of including hard data, except to embarrass eircom.

spongebob

Originally posted by Ripwave
None of this information could conceivably be considered confidential, or even commecrially sensitive (while it might be embarrassing for eircom if it was revealed that they charged X amount of money for calls to known scam diallers, that's still not "commercially sensitive information").

They were making €1m profit a month on it by the end of last year . Hopefully Comreg will also retroactively cap the revenue at say €100 per user and throw in a Free Copy of Mozilla on CD in the post from €ircon and will force them to refund the rest of their ill gotten gains to the victims.

It was one of the most enormous consumer frauds that was committed in Ireland in recent years. As it happened on Comreg's watch I am not surprised that they are less than forthcoming with the hard data. FoI anyone ?

M

Gadgie

Originally posted by seamus
Actually I was wondering what the other bit meant, but yeah that's what b(i) means.

Sorry Seamus - my mistake!

But yeah I think you were spot on with the other bit.

Ripwave

Originally posted by seamus
What purpose would it serve?

If it turns out that less than 1% of calls to the relevant countries are in fact scam diallers, then it would be perfectly reasonable for the telephone companies to complain that the proposed regulation would be excessive, even if 200 people have been adversely affected.

Common sense suggests that it's extremely unlikely that there is much "ordinary" call traffic to Diego Garcia, but maybe there is. ComReg shouldn't block access to Diego Garcia without considering that particular question, and, if it has the data, then it should be publishing it.

The document already highlights examples - the guy who got a €12,000 bill, ouch! - in order to stress the necessity of this regulation.

I fail to see the relevance of including hard data, except to embarrass eircom.

Maybe you should read up on the concept of "data based decision making". I fail to see any good reason for failing to include the hard data, other than the typically wooly attitude to facts that is so prevalent in Ireland.

Supporting a decision based on an anecdotal reference to a single extreme case, rather than actual, verifiable data is exactly the sort of attitude that allows eircom to get away with providing "functional internet access" (or not, depending on your point of view).

Gadgie

With regards to draft direction 1, will both new users and existing members who sign up for new/additional email addresses after the date on which the decision notice must be implemented get this email?

Example:
Joe Bloggs has just bought his first computer and is signing up for a free dial-up internet account with eircom net. He sets up joe.bloggs2@eircom.net (joe.bloggs was unavailable ). It is after the final implementation date of the decision notice. Does Joe get the e-mail to tell him how to protect his computer? If not, Joe's computer may become infected by a dialler programme, and since the number for said dialler has been blocked on his line, he cannot connect to the internet. Joe rings eircom net support on a 1550 premium rate number at 95c a minute. After several minutes speaking to an operator, Joe's problem is diagnosed and he is told how to change the dial-up number so he can connect to the internet.

Change this story to someone who is an existing subscriber, but no longer checks their main account due to it being flooded by spam. If they sign up for an addition account, do they get the e-mail (as it has already been sent to their main account)?

Q2 in the consultation paper asks about the appropriateness of including any of the destinations listed in appendix B. Does anyone know of anyone who might have a legitimate reason to call these destinations? Or are they all military bases or whatever?

Q3 asks if anyone has any views on how the list in appendix B can be kept up to date. Is there a list somewhere of all the destinations that play host to rogue diallers (eg. on the ITU website or similar)?

spongebob

Originally posted by Glenn
With regards to draft direction 1, will both new users and existing members who sign up for new/additional email addresses after the date on which the decision notice must be implemented get this email?

Example:
Joe Bloggs has just bought his first computer and is signing up for a free dial-up internet account with eircom net. He sets up joe.bloggs2@eircom.net (joe.bloggs was unavailable ). It is after the final implementation date of the decision notice. Does Joe get the e-mail to tell him how to protect his computer? If not, Joe's computer may become infected by a dialler programme, and since the number for said dialler has been blocked on his line, he cannot connect to the internet. Joe rings eircom net support on a 1550 premium rate number at 95c a minute. After several minutes speaking to an operator, Joe's problem is diagnosed and he is told how to change the dial-up number so he can connect to the internet.

95c a minute is cheaper than €3.60 a minute .

Change this story to someone who is an existing subscriber, but no longer checks their main account due to it being flooded by spam. If they sign up for an addition account, do they get the e-mail (as it has already been sent to their main account)?

Whats wrong with Newspaper Advertising I ask myself . Comreg even have a press officer .

Q2 in the consultation paper asks about the appropriateness of including any of the destinations listed in appendix B. Does anyone know of anyone who might have a legitimate reason to call these destinations? Or are they all military bases or whatever?

Virtually no legitimate calls are knowingly made to those countries except by paedophiles . I mean legitimate as in full informed consent and foreknowledge of what you are doing and the cost thereof !

Q3 asks if anyone has any views on how the list in appendix B can be kept up to date. Is there a list somewhere of all the destinations that play host to rogue diallers (eg. on the ITU website or similar)?

Vanuatu and Guinea Bissau are missing from the list and should be added , there is a question mark over Chad as well . These destination countries would be extremely well known in the spyware removal and detection industry, the Porn Industry of course and within Eircom . Many have been included in FCC advisories over the years. (since Active X was invented in the 1990s I should think) .

M

vector

Originally posted by Glenn
...He sets up joe.bloggs2@eircom.net (joe.bloggs was unavailable )....

some idiot has got the the example1@eircom.net version of my eircom address, which is just example@eircom.net, and I'm always getting stuff meant for them, after all who is going to remember the 1.

I get all sorts of stuff, pdfs for travel insurance, airline tickets from ryanair, aerlingus, word documents of quotes for building work, i used to reply but not anymore

Gadgie

Originally posted by vector
some idiot has got the the example1@eircom.net version of my eircom address, which is just example@eircom.net, and I'm always getting stuff meant for them, after all who is going to remember the 1.

I get all sorts of stuff, pdfs for travel insurance, airline tickets from ryanair, aerlingus, word documents of quotes for building work, i used to reply but not anymore

Off topic, but do you get any spam for your.address@tinet.ie? I used to get it, despite never having a tinet address. Eircom must just be forwarding everything on. Does anyone know if they still do this?

vector

Originally posted by Glenn
Off topic, but do you get any spam for your.address@tinet.ie? I used to get it, despite never having a tinet address. Eircom must just be forwarding everything on. Does anyone know if they still do this?

the tinet.ie is still a mirror of eircom.net for mail, despite what their threat at the time that it would only be sor for a transition period of 6-12 months or similar.

funny you should mention that, i have a filter in outlook to delete anything that goes to tinet cos its now 100 percent spam

seamus

Originally posted by Ripwave
If it turns out that less than 1% of calls to the relevant countries are in fact scam diallers, then it would be perfectly reasonable for the telephone companies to complain that the proposed regulation would be excessive, even if 200 people have been adversely affected.

Common sense suggests that it's extremely unlikely that there is much "ordinary" call traffic to Diego Garcia, but maybe there is. ComReg shouldn't block access to Diego Garcia without considering that particular question, and, if it has the data, then it should be publishing it.
Maybe you should read up on the concept of "data based decision making". I fail to see any good reason for failing to include the hard data, other than the typically wooly attitude to facts that is so prevalent in Ireland.

Supporting a decision based on an anecdotal reference to a single extreme case, rather than actual, verifiable data is exactly the sort of attitude that allows eircom to get away with providing "functional internet access" (or not, depending on your point of view).

This is why it's a draft consultation - Comreg presents its proposal and interested parties make their objections and recommendations. If the providers have evidence such as above, then they make their objections, and Comreg (should) re-evaluate their proposal.

I don't think Comreg need to supply any hard data. Essentialy what they're doing is - "We've had a number of complaints about porn diallers, so we're planning on having the telcos bar calls to these places. Does anyone object, or otherwise have any feedback?". Lack of hard data would be more something to get in a tizzy over if they just went ahead and did it without consultation.

Wassabi

So can you opt out of calling Cell Phone #'s from your home phone? With teenage girls in the house, I keep wondering if theres a way to block those calls, the rates are just crazy.

- Was

Ripwave

Originally posted by seamus
This is why it's a draft consultation - Comreg presents its proposal and interested parties make their objections and recommendations. If the providers have evidence such as above, then they make their objections, and Comreg (should) re-evaluate their proposal.

The document specifically states that ComReg has shortened the normal consulation period because they want to get this in place as soon as possible - it's not meant to be the first round in a multi-round process, it's meant to be the final, dot the Is and cross the Ts, round. Therefore any hard data that is available should be included, precisely to forestall any silly foot dragging by recalcitrant providers who stand to lose considerable amounts of money because of this directive.

Of course, this document isn't the first that eircom has heard about this proposal. It wouldn't have seen the light of day if eircoms objections weren't already dealt with.

I don't think Comreg need to supply any hard data. Essentialy what they're doing is - "We've had a number of complaints about porn diallers, so we're planning on having the telcos bar calls to these places. Does anyone object, or otherwise have any feedback?". Lack of hard data would be more something to get in a tizzy over if they just went ahead and did it without consultation.

If Comreg have hard data, they should supply it. If they don't have hard data, then they shouldn't be issuing Draft decisions until they do have hard data.

Do you have some sort of objection to the use of objective facts, rather than fuzzy hand waving, as the basis for decisions about how Comreg regulates? I'm fully in support of this directive, based on the very skimpy information that I have available. But I'm not satisfied about decisions that are made on our behalf, on the basis of information that we aren't allowed to see.

spongebob

Eircom allow you to call Mobiles by default but will Block them free of charge (on request ) , same as 15nn numbers. This facility is recent (past 3 months) , it used to cost €25 setup and €3 a month on the rental.

The porn dialler countries will be off by default and you will have to opt IN to ring them. It also changes the burden of proof for kiddy porn merchants.

Ring Biddy on 1901 with your account number and check . It can be done there and then .

M

Ripwave

Originally posted by Glenn
Off topic, but do you get any spam for your.address@tinet.ie? I used to get it, despite never having a tinet address. Eircom must just be forwarding everything on. Does anyone know if they still do this?

Nothing to do with forwarding - technically they were both the same account, delivered to the same server, which put them insto the same mailbox.

16 of the 169 spams that I've received on one of my eircom.net accounts this month appear to be the same spam sent every couple of days to the tinet.ie version of that address. None of the 1,700+ spams sent to (what used to be) my primary eircom.net account in a two week period appear to have been sent to the tinet.ie version of that address.

eircomtribunal

Originally posted by Wassabi
So can you opt out of calling Cell Phone #'s from your home phone? With teenage girls in the house, I keep wondering if theres a way to block those calls, the rates are just crazy.

- Was

You can call all mobiles at national call rates with the likes of www.telestunt.ie.
You dial their number for connection to Irish mobiles, that is 0818 270 101, (possibly you can program your phone to dial this number with a shortcut), there you are prompted to enter the mobile number and pressing the hash button.
That's it. You have not to set up anything with them. You can try it out right now. You will be billed at national call rates and the billing is via your normal phone provider.
And by the way: you can use Telestunt for most international calls at local rates. In that case the number to ring is 1890 943 123. Look up their website for all the countries that can be accessed at local rates.

P.

BrianD

Nanny State - 1 Personal Responsibility - 0

What next?

gandalf

Don't feed the troll !

Moriarty

BrianD banned for a week. Whatever about your opinon that you held at the start, you're just bottom trawling now.

Doublezero8

What ever your views on the subject here are some funny links on it.

Link1

Link2

008

Doublezero8

The focus of this seems to e very much on Eircom . I take it all the mobile operatos would also have to follow the same guidelines ?
I know a few people who have had problems like this on mobile bills .

008

eircomtribunal

Doublezero8 wrote:

The focus of this seems to e very much on Eircom . I take it all the mobile operatos would also have to follow the same guidelines ?
I know a few people who have had problems like this on mobile bills .

008

"Draft Direction 2 a) Providers of Publicly Available Telephone Services shall..."

P.

mike65

The Last Word on Today FM is talking about this right now.

Mike.

spongebob

eircomtribunal wrote:

"Draft Direction 2 a) Providers of Publicly Available Telephone Services shall..."

P.

Every licencee that is !. Some phonecard systems are excluded as you ring an intermediate number first such as 1800 or 0818 before you outdial from their system at secondary dialtone.

M

Cuauhtemoc

The Last Word on Today FM is talking about this right now.

Only lasted a couple of minutes.
I thought Hugh Lenehan came across as a bit anti the proposal from comreg.

Also not a mention of the biggest earner from the scam either, pity they didn't research the story more and have some comment from sources other than comreg, who are unlikely to accuse our telco outright of profiteering from this.

Mr_Magoo

Hi. just been on to eircom customer support with no satisfaction
regarding porn dialler phone charges..see below for email we sent.




This Email is in response in not receiving any satisfaction
from a telephone converstion to your revolving door customer
service department.
The average bill for account no.
is 200 euro per month.
The bill for the last three months were 500, 400 and 300
euro plus, respectively.
These increases are intirely due to "porn dialer"
viruses that have evaded detection on our p.c. and caused
calls to premium rate numbers i.e. band 13, e.g. Diego Garcia.
Today we rang your customer service to block
calls to this "band 13" premium rate numbers and were told
they are unable to do so despite being aware of this problem
and also that BT in the uk have been proactive in blocking
these numbers for their customers.
This is a scandalous abuse of
your own customers, when to fail to take appropriate action
to protect them from future abuse. Also to fail to recognise
a commercial disaster on your part compounded by refusing
some sort of rebate on our bills, pushes us to
find an alternative supplier.
we await your comments.

p.s. anyone recommend a good supplier..?

Ripwave

Mr_Magoo wrote:

These increases are intirely due to "porn dialer"
viruses that have evaded detection on our p.c. and caused
calls to premium rate numbers i.e. band 13, e.g. Diego Garcia.

Is this dialler still evading detection? Is there any chance that these Diego Garcia calls weren't in fact made from your phone?

eircomtribunal

Mr_Magoo wrote:

BT in the uk have been proactive in blocking
these numbers for their customers....This is a scandalous abuse of
your own customers, when to fail to take appropriate action
to protect them from future abuse.

Eircom have not simply failed to take protective action for their customers, they have deliberately acted to maximise their profits from those Internet scams, by setting up the 360cent per minute Band 13, which bundles all the scam-infested regions, two years ago.
Eircom makes sure that none of their customers can protect themselves in an easy and cost-effective way against porn-diallers by blocking international calls and using a cheap 13636(Vartec) or 1890(Telestunt and others)International carrier for their international calls: They put up the stumbling blocks of a considerable set-up charge and a monthly charge – on top of that they discourage anyone who still wants to go for international call barring, by telling them, that Eircom will only guarantee international voice call blocking and not blocking of the modem.
I cannot see much difference between Eircom's and National Irish Bank's "activities", besides the fact that Eircom are using third party scams for their own interest and are not setting those stealth diallers up themselves.

While Comreg will probably put an end to this "business" by forcing the Telcos to treat the Band 13 countries as opt-in numbers, we should not turn a blind eye on what happened in the last two years.
After all National Irish Bank and AIB were not told: O.K. you were a bit naughty there, beginning next month you are not allowed to screw your customers in that way, but we will not ask you to rectify what you've done in the last years.
Alone the number of customers which have notified Comreg in 2004 and the sort of money involved would justify a thorough investigation, but surely the actual number of people and the actual amount of money involved is a multiple of those figures. And those figures can very easily be investigated from the account documents of Eircom.

Mr.Magoo, I'd be very interested to hear how your story develops. If you don't mind, please contact me by sending an email to "info@eircomtribunal.com"

Peter

PS. We've published a list of Irish Telco's and some recommendations on the last to blogs of www.comwreck.com

spongebob

Mr_Magoo wrote:

Hi. just been on to eircom customer support with no satisfaction
regarding porn dialler phone charges.?

While you are waiting you should do 2 things.

1. As a victim of fraud you should report the crime to the fraud squad, see www.garda.ie for details. Name David Mc Redmond and Phil Nolan as the suspects to be investigated, they are senior Eircom bods.

2. Clean the damn thing up WHEN the guards give you the go ahead, destroying evidence is not a good idea so you can carry on making calls after the Fraud Squad acknowledge your complaint because you have evidence on your PC.

If you are not reporting it to the Fraud Squad

3. CLEAN THE PC NOW and Patch it up .

4. Also ditch Internet Explorer forthwith and use Mozilla firefox browser instead , 3Mbit download www.mozilla.org. Switching to Mozilla will not affect the evidence already on your PC

M

Mr_Magoo

Received an email from eircom customer care saying the matter will be investigated and someone will be in touch as soon as possible. or words to that effect...
Im going to be away for the weekend, but will keep you posted.

Mr_Magoo

eircomtribunal

Has anyone access to those articles in the Irish Times and could post them or let us know the gist of them?
"State wins from telecom leasing"
"Bid to end 'modem hijacking'"

P.