That’s what it’s called here. You connect to your ISP and you are re-directed to a “premium rate” service which may or may not (depending on your browser settings) advise you that you are about to be disconnected from your own ISP and be charged around $5 per minute for your connection time which will be billed to you through either your telco or your ISP.
As we only have dial-up access and quite deliberately have any calls other than local ones barred, it doesn’t work if you try to redirect us to a premium service - our internet connection simply drops out (which costs us another 20 cents to dial up but that’s bugger-all compared to premium rates).
Until the last 48 hours, I’d only heard of porn sites doing this - now I’m starting to hear back of more widely accessed sites redirecting people. Please check your options in your browsers and make sure that they are configured in such a way that you cannot be redirected to a third-party premium rate site without your being aware of accepting the charges.
If you access the internet by any kind of “open-billing” line (whether cable or dial-up) to which extra charges can be added, you might want to set up some passwords or other barriers which prevent any kind of automatic redirection and billing.
I’d be very grateful for any advice from the net savvy people here on how to protect ourselves from this practice beyond the obvious things of having and using firewalls, adjusting our cookie settings, and protecting access to our net connections…
issy*, it isn’t the ISPs which do it, and that’s the problem - people are getting hit with huge bills from Telstra and Optus related to these 3rd party billed services.
Is dumping illegal? Well yes, it is under our consumer laws, just as all those “competition” entries whereby people changed their mobile phone carriers were illegal.
The problem is that the Telco/cable company charges stand unless you can prove that you did NOT consent to them or that they are fraudulent. In most cases, neither is going to be the case.
It might be required by AUSTRALIAN law that every premium charging service reveals its charges upfront, but it’s not required in all other nations and we can hardly blame Telstra or Optus or our ISPs if some international organisation backbills us through them for services which we HAVE accessed. Telstra has published a report on this. Not ONCE have they found the originating service to not have been legitimately accessed. IE, people are NOT dialing in or otherwise accessing net accounts which are not theirs in these cases - what’s happening is that consumers are clicking on the equivalent of “I accept” buttons without understanding what they are accepting, and by clicking on those buttons they are creating legally binding contracts.
I hate Telstra as much as the next person, but if I enter an overseas website which can bill through them I can hardly blame Telstra for my naivete if I don’t like the phone bill when it arrives.
This is the first time I’ve heard it could happen merely by visiting a site, and I’m inclined to be a bit skeptical. Usually, the company has you download and run software in order to do this.
All descriptions tend to confirm that: In order for the dumping to take place, you need to download and run the files that make the changes. So one important safeguard is to be careful about what you download. Never run any downloaded executables (i.e., program files) unless you’re absolutely sure they’re safe. If you’re not sure, do a Google search on the program and see what turns up.
Big article in our major newspapers about it after investigations by our telecommunications ombudsman after complaints about our telcos. I’ll grab the SMH article for you when I wake up. Although the specific investigation related to charges billed through dial-up (and it’s very unusual for our Ombudsman to find our biggest telco not at fault), the same principle could be used to exploit any “open-ended” billing system, including cable.
I’ll give you three links tonight - there are others, but the SMH ones were the easiest to pull. This is now under investigation by our government because it seems to be an exploitable loophole.
These are all reports from the computer section of the Saturday edition of the Sydney Morning Herald. I’ll get you the cites from other sources in the morning when I wake up.
There are more recent articles relating to this practice, but they aren’t all easy to find at close to midnight (our newspapers have these odd very recent and very old “free” periods in relation to their archives). Nonetheless, this should give you enough to go on with until I pull up the other reports in the morning.
However - if this piece of software they mention in the 3rd article tried to dial up, wouldn’t you hear it? Using a 56k modem that is.
And with cable - isn’t that a dedicated line to your ISP anyway? Such that any connections after that (ie to the Internet at large) are their responsibility?
Cable is still only a starting point istara - where you choose to go from the launch pad your ISP provides is pretty much YOUR responsibility, not that of your ISP. The problem in Australia is that premium services can be charged against your ISP account unless you’re really careful about the way you’ve set up your ISP account.
On an average day visiting messageboards I get about 50 re-directs (mostly to those providing banners on those sites). I run a pop-up killer as standard unless I absolutely have to disable it (and many sites do have their help screens set up in pop-up form). I never disengage my firewall, my virus-scanner or my spyware detection programme unless I’m offline and running routine maintenance.
As I do not ever run this PC with the sound turned on, I have all visual alerts enabled - nonetheless, things as simple as <img> links can bring you undone if you aren’t paying attention to what your PC is doing and where it’s sending you.
If HTML was allowed on this messageboard, I could link you to a pic or a sound file in my post and you probably wouldn’t even notice that I’d sent you offsite - you’d probably think that the image or sound in my link was stored on the SDMB server unless you were paying close attention when you clicked on my link.
It isn’t that difficult to redirect people without them noticing.
I’ve known (and seen warnings) about hidden dialer programs disconnecting you and reconnecting via 900 line for years (including the turn-off-the-sound-on-the-modem trick).
This scam seems pretty simple to understand.
What I don’t understand, and what the above links did not explain (and my google search did not turn up anything) is how people using cable are susceptible to this - AFAIK, a trojan can’t disconnect your cable connection and send you to a different cable provider (or can it?). Anyone have info on this?
People running cable modems only with no regular modem connected to their computers should be safe from this trick. Same goes for those with DSL or satellite internet connections. This only works if you have a phone line connection.
Luckily my modem makes an audible click usually if the connection drops out. Plus I imagine they haven’t bothered to make a Mac version of this thing yet (I hope) as I never manage to get viruses or worms on my Mac, it just treats them as unreadable files.
And if my work peecee starts redialling itself to a sexline in Botswana, then so much the better, as my boss will end up having to pay. Cheapskate put in computers without soundcards for god’s sake (in a media organisation in the year 2001) so he deserves all he gets IMO.
Can this devious thing be detected by AdAware? Anyone know the name of this software that turns your speakers off?
Hey reprise when in Oz and on dial-up you can try the following.
Call your carrier (local or long distance, they may not be the same) and request that they bar access to Premium (190x) and International (0011) calls.
Once your line is barred, the SW should never be able to dial out to these and you should notice that your modem has disconnected and won’t reconnect when it dials the premium or international number.
I offer no guarantees, but it’s worth a try, especially if you rarely use premium and international. You can always unbar them for the rare occasion you call them, or ask if there is a specific override code that you can use in the rare event.
Our net line is barred for all but local calls, so we’re at no risk of getting dumped.
What I’m less certain of is what happens to people who run their net, cable, and phone line access through the one cable - as do heaps of people who use either Optus vision or Telstra packages; in that circumstance, wouldn’t your PC effectively have access to your phone line even though your PC connection itself isn’t on dial-up?
reprise I have the Optus package at home, with one phone line run through the same cable as internet access. I’m pretty sure that the computer can’t access the phone aspect of the cable. There is simply no conventional modem in the computer to do so, so I don’t think that even if I did download and run a dialler, it could access a phone line.
I think that the articles you have linked are confusing the issue in a couple of ways (hardly outside the norm for popular media reporting of tech issues!). Firstly, I don’t think that merely by clicking on a website, dumping can occur at all. You have to download a dialler and run it. And neither you nor I is going to be so stoopid.
Secondly, it is the dialler using your phone line to dial expensive international or premium rate lines that the telco can charge back to you. They cannot charge back to you simply on the basis of sites that you visit. I think the articles to which you link are confusing in that they do not make it clear that it is downloading the dialler from the website and using it (rather than simply visiting the website) that is causing the problem.
And finally, my firewall (and I assume yours too) prevents any unauthorized program from getting outside access (although it would take someone with more knowledge than me to tell you if this is foolproof in these circumstances).
there are some cable modems that use a dial-up connection for upstream data (while using the co-axial cable for downstream data) … perhaps this is the phone line being manipulated… not sure…
If I had “accidentally” downloaded a dialer for a porn site and run it, I am quite sure I would be telling the wife that I had no idea why the phone bill had jumped by 100s of dollars and it must be the phone company’s fault!
After reading this thread, I agree with everything Princhester has said. It’s not as big a problem as it’s made out to be and won’t affect any cable or DSL connection at all.
And scm1001 that’s probably most of the reason it’s been beaten up this much! Thanks for the chuckle.