Last month, Durban entrepreneur, Tracey Collier, was shocked to find her
phone bill dotted with phone calls to Samoa, on occasions when she believed
she was dialing out to a local internet service provider.
The culprit was a "rogue dialler" -- a spyware variant that surreptitiously
loads itself onto your hard drive and changes the default dialup settings
that allow you to connect to the internet. The software then mutes the
modem's speaker so you can't hear the subsequent dial-out sequence that
connects your computer to premium numbers around the globe. Some of the
numbers offer limited internet access misleading you into believing that
you're just having a bad dial-up day.
"Suddenly we had a slow connection -- and it drove us nuts," says Collier.
"Out of desperation I phoned M-Web. They told me to delete the old
connection and make a new connection, and everything was back to normal.."
That was, until she received her phone bill with over a thousand rands
worth of phone calls to the South Pacific island, averaging at around R8 a
minute. Now Collier is asking why Telkom isn't protecting or at least
warning their customers about this costly phenomenon.
"How long have they known about this? And who is profiting from it?" asked
Collier.
Telkom spokesperson, Roshelle Pillay, said although the operator had noted
"random and isolated" cases such as Collier's, she said "it has not emerged
as a trend".
"Sometimes, the existing call into the ISP is disconnected and a new call
is launched from the PC via the modem to an international number without
the customer being aware of this," said Pillay.
"Customers using the internet should always read the terms and conditions
of websites before accessing information; they need to also be aware that
some sites re-route calls to operators that charge higher rates in order to
make money."
Pillay said Telkom could only offer a product, BlockCall Plus, at the
customer's expense, to block some or all international calls.
"The company cannot restrict the use of the internet, nor prescribe what
international destinations can or cannot be dialled," she said.
Telkom's response will offer little comfort to South Africa's dial-up
users, which number over one million.
Public pressure has prompted international telecommunications companies and
regulators to take active steps against the scammers, who usually place the
software on pornography and illegal music download sites.
Ireland's Commission for Communications Regulation has given
telecommunications operators in the country until Monday next week to block
direct calls to thirteen countries -? most of them in the South Pacific
islands -- after receiving hundreds of complaints from consumers who were
affected by the rogue dialers, reported the French news agency AFP.
British telecommunications company BT has also reportedly blocked hundreds
of numbers commonly used by the scammers.
M-Web spokesperson, Andre Retief, said the company has not sent out any
specific alerts on the threat to its quarter million dial-up subscribers.
"We're not going to send out a general panic alert to 250 000 people,
because the reality is that this is one incident. I know of no other at
this point in time."
He said their technical staff were "well-equipped" to deal with the problem
on a case-by-case basis.
Retief said spyware loads itself into "the heart of somebody's machine",
the system registry, making the removal process complicated and sometimes
damaging.
"Yes we want to help the person, but we don't want to take responsibility
for them downloading an application that we say has all the bells and the
whistles, fixes their malicious intent problems but breaks a few other
applications on the machine."
According to Retief, his company will soon introduce a web-based scanner
which will identify spyware threats, and then direct users to appropriate
software to solve the problem.
South African internet law expert, Reinhardt Buys, said in most cases
neither the telecommunications provider nor the ISP is legally liable for
costs incurred by rogue dialers.
"If an end user applies for a telephone line or internet access, he or she
generally agrees to certain terms and conditions. These generally include
provisions that the service provider will not be liable for damages related
to the use of the service," said Buys.
He said ISPs are also legally protected by the Electronic Communications
and Transactions (ECT) Act. According to Section 78, said Buys, "there is
no general legal obligation on an ISP to actively seek evidence of unlawful
activity".
However, ISPs may have to take a more active role in the future.
"The Department of Communications recently issued the proposed regulations
that will govern the limited liability of ISPs for public comment. These
regulations contain many provisions that seem to indicate that an ISP does
have a duty to warn and inform its clients about risks such as rogue
dialers," said Buys.
Webmaster for the Internet Service Providers Association, Bretton Vine,
said the association, which represents more than 82 South African ISPs, is
aware of "similar problems around the world".
"Many members already try and educate clients on the value of installing
anti-virus software and using tools such as Spybot or Adaware to remove
spyware, malware, adware and other programs such as dialers."
"A search at http://www.google.com for "spyware removal" will generate a
lot of results to programs [commercial and free] which can improve the
security of a user's computer."
"Regular updating of antivirus databases and installing operating system
updates is essential too."
Users should also check their dialup settings to ensure their ISP phone
number hasn't been changed by the malicious software.
http://www.mg.co.za/Content/l3.asp?cg=BreakingNews-Business&ao=123303&t=1
Und wie immer bei der Auslandsdialer-Problematik wills niemand gewesen, und keiner schuld sein...
