Ireland Cracks Down on Online Scammers

bizpile writes "Ireland has decided to take some extreme measures to crack down on one type of online scam. They have decided to suspend direct dialing to 13 countries (mostly South Pacific Islands) in order to halt the use of auto-dialers. The measure, announced by Ireland's Commission for Communications Regulation, came in response to hundreds of consumer complaints about the scams. ComReg acknowledges that its move is extreme but says that previous efforts to raise awareness of the problem failed to significantly diminish complaints. ComReg will keep the block in place for six months, after which it will be reviewed. All direct-dial calls will initially be blocked, although the regulator is also compiling a "white list" of legitimate numbers that consumers have requested to call."

What's the scam ?

[Space+cowboy]

I mean I can see that if it's just to make people pay when there's no need, it'd be a real pain where it hurts, but if it's to try and collect on that money (by setting up a high-cost line then using a virus/trojan to change the settings to dial it), there must be someone making money out of it. Surely it ought to be possible to track down by the payments ?

I suppose the line owner could claim innocence, but they'd have to be damn convincing about it if lots of people suddenly start dialling this high-cost line.

Simon

Re:What's the scam ?

[aug24]

Tariffs are paid between phone networks, then call revenues are paid on in the receiving country to the person/entity who owns the line. That person is 'somewhere else', obviously. Chuck a few paper companies in awkward places in the chain and you're stuffed.

The telcos can't ask their opposite numbers for details, and can't refuse to pay for certain numbers either. So blocking them at root is (a) their only option and (b) a jolly good idea because all the poor buggers like my brother (who got caught for 125gbp just the other day - bloody MS insecure ^&*&^%$) would find their net connection refused and realise that they're being done.

Justin.

Re:What's the scam ?

[jobsagoodun]

They already do delay it. There was a brilliant scam done to BT 10 years ago when premium lines first came out. The scammers got two offices, and put 20 phone lines into one, and 20 premium lines into the other. The bills for the premium lines got paid out (to the scammers) every 30 days, but the phone bills on the out going lines were payable every 90. So the scammers phoned up the premium lines from their outgoing lines & too two months money off BT.

At that point I think BT made the billing cycles the same!

Re:What's the scam ?

[Tim+C]

a jolly good idea because all the poor buggers like my brother (who got caught for 125gbp just the other day - bloody MS insecure ^&*&^%$) would find their net connection refused and realise that they're being done

That's the other good thing about ADSL - I don't have to worry about shit like this. No (traditional) modem, no way it can dial out. Good job too, as in the past I've had to clean a handful of the little buggers off my girlfriend's PC.

Sucks to be caught out by this sort of thing though - hope your brother gets/got the money back.

Re:What's the scam ?

[DrSkwid]

Physicians, Judges and Laywers across the world hear this :

Even if I am lying in a coma, I don't want my cronjobs stopped!

Yours of sound mind and body,

Dr, T. Skwid Esq.

Re:What's the scam ?

[aug24]

hope your brother gets/got the money back.

Not looking likely... but tell your MS-using UK friends: BT will password protect premium numbers so they can't be used by a dialler.

J.

Re:What's the scam ?

[woodhouse]

You're not susceptible to auto-diallers maybe, but with an always on connection, you're a lot more susceptible to viruses generally. Using a router with DSL or cable is a good idea, if only for the hardware firewall.

How to deal with Spam/Scam

[CdBee]

Lesson One. Be a European regulatory authority!

BT, here in the UK, have been doing some similar actions recently although on a less extreme scale.(One of which is maximum cost control, they refuse to route any call where the cost is higher than the maximum cost for an inland premium-rate call in the UK).

Its good to see regulators and firms acting to protect the more clueless users from themselves, as long as it doesn't prevent people requesting a line be opened.

power of boycott

[tsunamifirestorm]

What about all those legitimate businesses that are dependent solely on Ireland for their existance? Seriously though, If more countries were like this, it would probably force the governments to crack down on scammers (or at least try to).

White lists

[hackerm]

the regulator is also compiling a "white list" of legitimate numbers that consumers have requested to call

So what's going to stop owners of those numbers in foreign countries to send an email requesting that their number is whitelisted?

Re:White lists

[johnjuanny]

Population is up to just about 4 million now, according to the last census. Which is of course still tiny (small enough that I'm pleasantly surprised that we're talking about Ireland) - but you'd be surprised how much is worth the scammers' time. With about 1 - 1.5 million people on the 'net here (IIRC from an article I read recently), it's still a healthy target market - especially as the vast majority of those are still on dialup since broadband is only now taking off here. Also I wonder just how well policed and updated this white list will be. It's easy to see it being quietly forgotten about. Still, seems to me to be an encouraging move.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Will this ever work

[REBloomfield]

Try reading the article. This isn't a spam issue, it's a premium rate dialler issue. If they move operations in a big way, then Ireland can react in the same way. To be honest, I can't imagine the loss of Ireland will make them want to move...

Lets loose premium rate dialup.

[pklong]

Why not just ban all premium rate dial up sites. They are just breeding grounds for porn sites and scams. I've yet to see a legitimate use for them. We could do without them.

If you want to charge for a service get the customer to enter their credit card details / set up an account. If you think they would be unwilling, then that speaks volumes about your business.

Pin codes on international/premium rate

[16K+Ram+Pack]

Maybe Windows should make it a little more difficult to go altering dial-up settings. How many users would mind a warning message saying "a program is trying to change your dial-up".

Does any spyware/anti-virus software check this (and I don't mean check for a piece of particular spyware, but check the behaviour).

Good Idea

[XeRXeS-TCN]

It's a fairly good idea, all in all... It's kinda similar in certain respects to the way most firewalls are (or should be) configured; block all, allow selectively.

Clearly no company wants to cut into their profits, so I'm sure they very carefully analysed calls to the blocked areas over the last while, to see how many calls were made out to them. If they were used all the time by customers, they wouldn't consider it feasible to ban the entire selection.

It could be considered to be extreme, but it's certainly not any sort of censorship. They have said that they will compile a "white-list" of numbers in those territories, so if you have a legitimate reason to be calling those places, they are more than happy for you to do so. Again, just like configuring a firewall for the first time, it is a bit of a pain to allow all the things you need to, but you end up with a much more secure system.

Extreme but a step in the right direction

[CheesyPeteza]

Atleast its finally showing a government willing to do something about it. You can't just educate people overnight to become IT experts and never get fooled again by some auto dialer. There will always be people who don't understand the system they are using. Education isn't a complete solution, the telephone regulators have to step in and do something. I would actually like to see a ban on the extreme premium rate calls completely (the ones that charge about 1000% the price of the call), but still allow the double the cost ones for TV programmes to make money in their competitions/polls like who wants to be a millionaire etc.

Re:Extreme but a step in the right direction

I agree. The fact is that the Internet is populated by an awful lot of people who are completely uneducated regarding the pitfalls. I know at least one person who was a victim of one of these dialers, and Eircom were only too happy to charge her the 60 euros for the price of a single call to Papa New Guinea. Frankly, innocent people were getting scammed out of a lot of money, and it had to stop. Predictably, Eircom, or Eircon as they're commonly known here, seemed happy to let it carry on, and make money out of it themselves.

Alas, the south pacific isn't a particularly well-regulated place. Its not as easy as saying "just send the law enforcement around to whatever business is doing this". I think the ComReg plan is the only practical solution available under the circumstances.

Re:Is this the proper way?

[WegianWarrior]

Impact on the dialers? Hardly. Cutting into the flow of money to the scammers? Maybe a little bit. Preventing a lot of unfortunate, computer-illiterate irishmen from raking up giant telephone bills? Sure thing.

And as far as I can understand the article, thats what it's all about - not to stop the scammers per se, but to prevent people from falling itno their trap. And as such, this is a Good Thing (tm) as far as I'm concerned.

You could try to educate Joe Avrage (or Ola Dunk, as we call him), but even if you should manage that - and it ain't gonna be easy - it's all in wain when their spouse, stipid kid or geratic grandmother just 'borrows' the PC for a bit and clicks on something they shouldn't have clicked on... back to square one. Blocking whole nations like this may seem extrem, but it works. If you have a legitimate reason to call there, simply call the telco and ask them to put that number on the whitelist.

A simular sceme - allthought user-initiated - are in place in Norway. You can ask that your phone shouldn't be allowed to call abroad, except to numbers you spesifificly designates. Or you can tell TeleNor (the biggest telco in Norway) that your phone isn 't supposed to call abroad, unless you dieal a spesific code first. I had to have a collegue set that one up, since his wife was (still is, despite countless attempts at teaching her) in the habit of clicking 'yes' to everything on screen...

make such scam billing illegal

[frovingslosh]

So why not pass a law against any "automatic" payments on a telephone bill going outside the country? The end user shouldn't be responsible for this type of fraud at all, and if the telcos had to resolve any such charges themselves rather than making their cut when the end user was hijacked and scammed, you can bet they would be more motivated to clean up the system as well.

Of course, you might still need to block some popular scam countries, if only to protect the citizens from running up not insignificant long distance time charges (and you certainly can't stop the telcos from charging from long distance time, but you can stop them from charging the extra fees that motivate this problem in the first place). If enough countries got around to saying flat out that we know this is a scam and we are going to legally protect our citizens from the "fees" they are being scammed out of, then eventually the problem would go away and there would be no need to block numbers. But as long as the government sides with the crooks and their telco accomplices and allows the telcos to go after the victim in this scam, the problem will not only continue but will grow; this article is the proof of that.

What little, if any, valid charges one incurrs while calling another party by long distance could certainly be covered by other and better means than allowing it to be directly billed to a telephone number (credit card, for example). Enforcing this would be far better than exposing all of your citizens to a scam based on a flawed telco business model and blocking whole countries from your long distance system.

Personally, I wouldn't mind seeing this type of billing go away completely, even for calls within a country. But at least there is a good argument that any scammers operating this way inside a country can be caught and taken to court; which is often not the case when they are on the other side of the globe. A few simple changes to the law, such as forcing the telcos to hold any payments for several innitial months to be sure victims have time to complain about scam sites and block those payments, should be adequate to stop hit and run scammers from seting up shop in the country they plan to run their scam in. And, of course, a law should block incoming international long distance telco "special fees", not just outgoing ones.

I also live in Ireland, Eircom not to be praised

[zoney_ie]

Those bunch of muppets Eircom deliberately grouped the specific countries in question as "Pacific Islands" (even including one or two west African countries) in a certain tariff band. They then racked up the prices for this band. As it was merely international rate, not a premium rate (we have 15xx regulated premium nos.) people could not have it blocked.

My guess is the business that lost 12,000 and others complained to ComReg (the regulatory authority).

It all comes down to education.

[sofakingon]

It all comes down to education. If the people in general were more suspicious and critical of people, especially online, and new about basic security measures, this kind of thing would happen more rarely.

However, people will not "wake up" to a fact until it (A) impacts a large enough segment for the media to report on it or (B) impacts business enough to have them protect their infrastructure better and/or buy air/press time (see A above)

Government regulation is not the answer. It creates more red tape and toothless laws and raises taxes. Businesses (to include telcos, whether a state or private) should be innovative, not lobby the government to protect a broken system.

Re:Duh!

[julesh]

D'oh!

That should read:

"..., please dial [random 3 digit code] now."

Germany & Switzerland

[CaptainZapp]

In Germany dialers must be registered with the respective authorities otherwise it's illegal and the scammers are not entitled to collect anything.

If premium charges are racked up the user must physically type OK into a box before the dialer gets operative. That doesn't help too much if in addition to the dialer a troyan is sneaked into the computer that OK's it in a for the user transparent fashion.

In this case the number was shut down and the scamee mustn't pay.

In Switzerland dialers to premium numbers are outright verboten, since this year. Period.

Re:I also live in Ireland, Eircom not to be praise

[forgotten_my_nick]

I fixed a few machines with dialers on them for friends and family (I am also in Ireland). Some of them had phone bills of over 600 euros to these countries. I am happy they are doing this. It is a long time coming. I also heard about eircom collecting money to pay fraudsters. I am surprised they were allowed do this. The actual document by the way is here.. http://www.comreg.ie/_fileupload/publications/ComR eg0499.pdf Here are submissions from the various telcos. http://www.comreg.ie/_fileupload/publications/ComR eg0499a.zip

Eircom was making more out of it than the scammers

[blorg]

Eircom (Ireland's effective telecom monopoly) had picked the dialler countries out specifically and put them in a special 'Band 13' that was more expensive than anywhere else on the planet - 360.58c per minute, *three times* the next most expensive region. However these same countries could be dialled from for example Germany for as little as 37c/minute.

So likely Eircom were paying the foreign telco a relatively small amount for completing the call, and the foreign telco would pass on a percentage of that to the dialler operator, while Eircom itself was getting the lions share of the actual call costs. If you complained, they would basically say 'you shouldn't have been visiting porn sites then'.

It was in no way in Eircom's interest to see these scams ended, and that's why it was the government regulator that stepped in to force them to block the number.

See here for some more background information. (This guy's site is a parody of the ComReg site but the information he presents is true.)

Re:Will this ever work

[frovingslosh]

If America did the same* then they properly would.. :)

*NEVER gona happen

On the other hand, if America (and maybe the E.U. too) passed a simple law stating that customers would not be responsiable for international long distance premium charges and that the government would no longer side with the telcos in giving them the weight of law to enforce these fees coming from a flawed business model against it's own citizens, then the problem would go away fast.

It might even go away faster if the government recognized that this was a well know fraud based on a flawed concept that the telcos set up and that the telcos take a cut from each time the scam gets a victim, and charged them with rackettering for letting the problem continue.

Unless you are in NL and they activate SWITCHPOINT

[P1ON33R]

That's the other good thing about ADSL - I don't have to worry about shit like this. No (traditional) modem, no way it can dial out.

Unless you live in the Netherlands and you have an evil big telco (KPN) that changes your DSL line into an electronic payment facility, with a risk of EUR 3.000 per incident. The technology they used is called 'Klipping' to link the IP number to the phone number of the DSL connection being used. No matter who has access to your machine (could be a remote connection with a stealth web proxy) payments can be made and will be automatically subscribed from your bank account.

This 'service' has been activated for all customers, without any notification at all, and with lies and cheats from KPN about the actual risks. For instance they clame that someone would have to literally dig up your phone line cable to abuse this system, which is a plain lie (wireless LANs, remote connections, etc.).

Sorry I am still a bit upset about all this. ;) For more information search on google for 'Klipping' and 'Switchpoint'.

Re:A small question of freedom...

[easter1916]

Freedom, jesus, Americans bandy that word around at the drop of a hat. Calls to those nations are now placed through an operator. Where's the loss of freedom? Minor loss of convenience is all.

Official Apology

[ObsessiveMathsFreak]

The following was an email sent to all eircom customers(or at least everyone with a @eircom.net address


From: service.announcements@eircom.net

Dear Customer,

As part of our ongoing commitment to customer service we would like to
provide you with the following important information on Modem
Hi-Jacking.

Modem Hi-Jacking occurs when a web site you visit purposely disconnects
you from your Internet Service Provider and reconnects you to the
Internet through an international or premium rate number, which may
result in increased call charges.

Everyone using the Internet should be aware of this risk. It is a
global issue and is not confined to Ireland. eircom net provides a safe
surfing guide, which may help you reduce the risk of Modem Hi-Jacking.

Please be aware that there are also software and hardware solutions
available, which may reduce the risk of Modem Hi-Jacking. Our safe
surfing guide provides some examples of these solutions. These are
purely examples and do not represent an exhaustive list. eircom net is
not in a position to recommend a particular solution. Customers will
need to determine which one best suits their particular needs.

For further advice please visit our safe surfing guide at
http://www.eircom.net/safesurfing

Kind Regards,

Fintan Lawler

Managing Director, eircom net



This mail sounds a lot like eircom covering their own asses to me. They've regularly overcharged the numbers that dialers are calling, at over 3 a minute. I was almost caught by one of these dialer programs myself a few years back.
I logged off, left the PC to get something to eat, and then a very wierd sound started coming out of the modem. A big dialing +475 5746353735373 or something appeared on the status connection. Got freaked out at the time. Virus scanner couldn't find the dialer, so I had to desperatly altavista for an answer(didn't know about google yet). I fixed the issue but low and behold, the next bill had a big IR£3 charge for the number that the dialer connected to for about 20 seconds.

This scam has been know for a long time, radio stations are always on about it every few months. Maybe the guy on the inside got caught, because there HAD to be one unless eircom just enjoyed grossly overcharging customers. Oh well. Monopoly is as monopoly does. Still they're giving a free broadband trial now... Hmmm I wonder if I should NO CARRIER