Have you recently noticed any expensive calls on your phone bills that you didn't make? If you use a modem to connect to the Internet (or, in some cases, if you're a broadband user), this may be the result of an online scam that's been occurring in Europe for some time. If you haven't fallen victim to this scam, and if you're careful, you should be able to prevent it from happening to you.
The scam involves tiny Trojan horses that are installed on your PC without your knowledge, which then run up your phone bill by dialing for-pay numbers. They're able to do this in part because of security holes within Internet Explorer.
Pay by telephone bill
These software phone dialers do have legitimate uses. They're often used by sites that offer pay-per-view content, such as interactive games, sports trivia, or pornography, as a way to keep track of the minutes you've used and to charge you on your phone bill.
The problem is that sometimes dialers are installed on your system without your consent and change your dial-up settings to call expensive long-distance numbers. This scam is usually perpetrated by fraudulent companies that set up sites full of ActiveX multimedia content. Should you visit the site or click a pop-up ad for the site, the dialer would be downloaded onto your system along with the rest of the site's content. The only possible clue that this has happened to you is the appearance of pop-up ads from sites you don't use; the real proof is the extra charges on your next phone bill.
These fraudulent companies have two ways of running up your phone bill. One is a high per-minute charge (as much as $5) for allegedly using their service. This appears on your phone bill but actually will be paid to the company. The other is to have your computer make direct calls to international numbers. If you complain, your phone company may be willing to forgive the high per-minute service charges, because they're used to scams that take advantage of their customers in this way. But they're less likely to forgive the charges for the direct-dialed numbers, because it's harder to convince them that you didn't call the numbers yourself.
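Both billing routes described above leave a trace in the dial-up settings the dialer changes. The following check is an added example, not part of the original article: it scans a Windows dial-up phonebook (the INI-style `rasphone.pbk` file) and flags entries that dial international or pay-per-minute numbers. The prefix lists and the sample phonebook are constructed assumptions for illustration.

```python
import re

# Assumed prefix lists for illustration; adjust for your country and carrier.
INTERNATIONAL = ("011", "00")       # US and European international access codes
PREMIUM = ("1900", "900", "0190")   # pay-per-minute ranges (US, Germany)

# Constructed sample in the INI-like layout of a rasphone.pbk phonebook.
SAMPLE_PBK = """\
[My ISP]
Type=1
PhoneNumber=555-0142

[Connection 2]
Type=1
PhoneNumber=011 239 555 0100

[FreeContent]
Type=1
PhoneNumber=1-900-555-0199
"""

def classify(number):
    """Return 'international', 'premium', or None for an ordinary number."""
    digits = re.sub(r"\D", "", number)  # drop spaces, dashes, parentheses
    if digits.startswith(INTERNATIONAL):
        return "international"
    if digits.startswith(PREMIUM):
        return "premium"
    return None

def audit_phonebook(text):
    """List (entry name, number, reason) for every suspicious dial-up entry."""
    findings, entry = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            entry = line[1:-1]  # a new connection entry begins
        elif line.lower().startswith("phonenumber="):
            number = line.split("=", 1)[1].strip()
            reason = classify(number)
            if reason:
                findings.append((entry, number, reason))
    return findings

if __name__ == "__main__":
    for name, number, reason in audit_phonebook(SAMPLE_PBK):
        print(f"{name}: {number} ({reason})")
```

To check a real machine, pass the contents of the user's phonebook file (typically `%APPDATA%\Microsoft\Network\Connections\Pbk\rasphone.pbk`) to `audit_phonebook`. Any entry you did not create yourself deserves a look even if it is not flagged.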
Flaws in Internet Explorer
So what does Internet Explorer have to do with this? It's a flaw in this browser that allows the scam to work. The flaw, discovered by security company eEye Digital Security in August 2003, allows malicious code, including dialers, to be installed unknowingly when users visit compromised Web sites. Because of the flaw, Internet Explorer doesn't distinguish between legitimate ActiveX content and malicious Trojan horses.
While Microsoft has issued a patch for this flaw, several security experts insist the patch does not solve the problem; it addresses only the immediate symptoms. And to make matters worse, there's also a new Trojan horse, QHosts, that, while unrelated to dialers, makes use of the same IE flaw to change the way infected users look up Web sites on the Internet.
It's not only dial-up ISP users that are vulnerable to this scam, but some DSL and cable-modem users, too. How? In some cases, 56K modems (either internal or external) remain connected to active phone lines even after broadband service is installed on a computer.
Sweep for spybots
My advice to DSL and cable-modem users is to remove the phone line to your PC's internal modem, and if you're not using it, to remove your external modem altogether. If you need your modem for receiving faxes on your PC or for other purposes, then crank up the volume so that you'll be sure to hear every time it dials a number.
My advice to everyone is to download and periodically run Spybot Search & Destroy, a free antispyware app that removes virtually all known dialers from your PC.
Have you been a victim of errant phone charges or any other online scam? What happened? Do you have any other tips for other users? Tell me about it--TalkBack to me!