Security news23 June 2004
Dial-up internet users warned of premium-rate telephone fraud. Sophos advises users on how to protect themselves
 |
| Premium-rate diallers are often used to access pornographic adult websites |
The UK's telephone industry regulator, ICSTIS, has warned consumers of the increasing number of internet users who have fallen victim to premium-rate telephone fraud.
ICSTIS has received a surge in complaints from users who have received excessive phone bills having been hit by Trojan horses on their computer, which have taken over their PC's modem connection to make calls to premium-rate numbers. The increase in complaints has forced ICSTIS to ask the National Hi-tech Crime Unit (NHTCU) to investigate the claims, many of which appear to be about premium-rate "adult" phone services based in Moldova.
In 2003 the percentage internet-related complaints about premium-rate services as a proportion of the total number of customers making complaints about high telephone bills was 70 per cent. A rise from 2002 when it was 43 per cent, according to ICSTIS.
"A Trojan horse, secretly installed upon your computer, can change your internet settings so you always use a premium-rate number rather than your regular ISP's dial-up code," said Graham Cluley, senior technology consultant for Sophos. "Often these premium-rate diallers are installed to allow you access to an adult pornographic website, but they may also be used by others who are less upfront about how they intend to change the settings on your computer."
Sophos advises users that diallers are not likely to affect broadband users, but only computer users who still connect to the internet via a dial-up modem.
Anti-virus software like Sophos Anti-Virus can detect known Trojan horses that secretly change dial-up settings, but as there are more being written all the time computer users are advised to be very careful about software they allow to run on their computer. Broadband users are recommended to check whether their computer still has a dial-up modem connected to a telephone line, which could be exploited by this type of attack.
"All computer users should keep their virus protection fully updated to protect against the latest malware attacks," continued Cluley.
BT has published an advisory on its website telling customers how to avoid premium-rate dial-up fraud. British users who have suffered from expensive premium-rate services can file a complaint on ICSTIS's website.
