Surfers count the cost of internet hijacking

It is difficult to track down hackers who are charging exorbitant fees to dial-up modem accounts, writes Jamie Smyth, Technology Reporter

Bob (not his real name) got a shock last week when he found a €1,136 telephone bill in his post. The father of two from Westmeath had no idea how his bill could have jumped tenfold in a single month. But a glance at his invoice showed that it was a series of calls listed to a foreign telephone number that did all the damage.

The invoice showed that the calls were made when his 15-year-old son was using the internet. It also highlighted that the calls were charged at a rate of more than €4 per minute. Not being particularly computer literate, Bob unplugged the family's computer, rang his telephone company to query the bill and read up on the latest internet fraud called "modem hijacking".

The fraud, which is also known as "autodialling", is perpetrated by internet hackers based in offshore locations who are able to reroute a computer user's telephone link to the internet. Once the call is rerouted through foreign locations, fraudsters can claim a portion of the cost of the telephone call, which is typically charged at rates of up to €5 per minute instead of the usual dial-up charge of one to five cent.

The family, who did not want their real name revealed to protect their privacy, are just one of a growing number of Irish victims of the fraud.

Last week, Eircom and BT Ireland reported that 80 Irish people are reporting modem hijacking frauds every month. In addition, communications regulator ComReg says it receives 15 consumer complaints a month about this online fraud.

"This (modem hijacking) is exactly the same problem that businesses and consumers are facing with the rapid spread of adware, spyware and bots," says Christopher Bolin, chief technology officer at the US computer security firm, McAfee.

"We are seeing rogue software install itself on people's computers without their knowledge and execute a code that can redirect a person's dial-up internet settings."

The software is often installed automatically when a person clicks onto a particular website or attempts to download a dialler from a disreputable website. Sometimes the website advertises the dialler as a way to pay for online content without using a credit card. Increasingly, however, websites install the autodialler without the person knowing about the charges.

The most common type of websites to deploy autodiallers are those offering premium-rate content, including chat rooms and desktop wallpapers, says Ian Cloran, revenue assurance manager at internet firm BT Ireland.

"There is a misconception out there that it is only pornography or gambling sites that use rogue diallers," he says. "But it is much more far reaching these days."

About 400,000 consumers and businesses that use dial-up internet services could fall prey to this form of fraud, but people using broadband cannot fall victim to modem hijacking as they have an "always on" connection to the internet at a flat rate, according to Cloran, who this week launched a programme to offer free software to internet users to protect their computers.

"The software is available to everyone using a dial-up connection and once downloaded, it informs the consumer if an autodialler attempts to change a user's dial-up internet settings," he says. "This will enable all computer users to know when modem hijacking is occurring."

Offering consumers protection for their computers should be a priority for telecoms firms, given that the industry has agreed a code with ComReg to compensate unwitting victims of modem hijacking. Yet Hometel, Bob's telephone provider, is still demanding that its €1,136 bill is paid.

"First of all, they said that I am liable for the entire bill and then a customer services agent said they would cover the VAT part of my bill," says Bob, who called The Irish Times after reading an earlier article about modem hijacking. "I don't think I should pay the bill because we were scammed and didn't know we were incurring the charges."

Hometel, whose parent company is based in the US, said it could not comment on individual customer cases due to data protection law. In a statement, David Sheill, a director at Hometel, said it sincerely regretted any problems its customers had due to modem hijacking and highlighted that it had warned customers in a recent bill insert about how to avoid the fraud.

"Hometel does not assume responsibility for phone calls made by its customers nor can it prevent customers from making certain types of phone calls without the explicit direction from its clients," said Sheill.

"It is impossible to discern if a customer has availed of services provided by certain web pages due to a customer's initiation of such services or if the use was due to a modem hijacking."

There is anecdotal evidence that other telephone firms are not adhering to ComReg's new voluntary code on modem hacking either. This is despite an agreement by ComReg to lift a ban on direct-dial calls to 13 countries, mostly in the South Pacific, which is where most modem hackers are based.

The countries, which include Diego Garcia and the Solomon Islands, are well-known as locations that fraudsters use to redirect telephone calls for modem hijacking operations.

ComReg agreed to lift the call restrictions after lobbying from the telecoms industry, which was concerned that it could lose revenue from genuine calls, and the 13 states, which were concerned the ban may be copied by other states.

"We would continue to review the situation in relation to autodiallers and our goal is to protect consumers from fraud. However, we would be reluctant to go back to a ban, which was an exceptional measure," says Mike Byrne, ComReg commissioner.

Byrne is also adamant that companies should adhere to the codes drawn up at the time when the ban was lifted last year. Any company found not to be complying with its own consumer policies will be investigated, he said.

And even maintaining a ban on the 13 locations most associated with modem hijacking is not guaranteed to stamp out the fraud.

Cloran believes that there is evidence that the fraudsters are now using more numbers and locations in Europe.

"We have had a number of instances where calls have been rerouted to Austria, Finland and the Baltic states, and clearly it will be impossible to cut off direct-dial calls to these states."

So in the absence of bans on direct-dial calls, which are simply not practical, consumers are best advised to install security software on their PCs and to take care when surfing the web.