61. Security updating key to
thwarting annoying emerging modem hijacking
By Mark Alberstat
Although most computer users know about viruses, there is one type of
attacker many users are not familiar with and that is a dialer virus,
sometimes referred to as modem hijacking, dialer hijacking or Internet
dumping.
These attackers are often worse than other types, as they often end up
costing the victim hundreds of dollars in long-distance charges.
Dialers covertly use your modem to dial long-distance phone numbers, often
to small African countries, and run up enormous charges on your phone
bill.
Some of these programs operate while you're surfing the Net or reading
your e-mail. Other versions operate when you're away from your machine,
dialing numbers after your computer sits idle for long periods of time.
These programs can dial a number many times faster than a person can,
sometimes about one call every second or two. The modem's owner is on the
hook for these calls that are made to small nations that charge high fees
for incoming international calls. Each call may cost several dollars in
access fees, even if the call only lasts a few seconds. The four countries
that are most often called by these programs are Sao Tome, Guyana, Guinea
Bissau and Nauru.
Who can become a victim of these attacks? Any Internet user who dials into
an Internet Service Provider for access. The vast majority of these
dialers are downloaded into your machine when you, or someone using your
computer, clicks to say yes on a popup box offering a great deal on some
product.
Some dialers are, however, brought into your system when you use Internet
Explorer through a type of plug-in called ActiveX. ActiveX programs run on
a website and can be downloaded into your computer when you view a web
page using them. If you keep your Internet browser up to date with
security patches, your browser will ask you if you want to allow an
ActiveX program to be installed. It is best to deny these requests, thus
eliminating any chance of your computer being infected in this way.
To protect yourself against dialer virus attacks there are a few basic
things you can do. The first is, of course, not to download anything from
a website of which you are not completely sure of. It is also best to read
all disclaimers and warnings before you download any software. Keep your
anti-virus software up to date, install anti-spyware software and check
your phone bill carefully each month. Some phone companies will make
allowances for these charges but ultimately, they did occur on your line
and you are, therefore, responsible for them.
One of the most popular pieces of protection software against modem
highjacking is an Australian product called StopITNow! This software costs
$21 but there is a free trial version available. Visit
www.download.com
for all the needed information, including a link to the trial version.
The Mousepad runs every two weeks. It's a service of Chebucto Community
Net, a community-owned Internet provider. If you have a question about
computing, email mousepad@chebucto.ns.ca. If we use your question in
a column, we'll send you a free mousepad.
Originally published 5 June 2005
