Regulator acts to curb modem hijack net threat


5 Aug 2004

Telecoms regulator ComReg has set out a list of proposed industry regulations aimed at protecting consumers from modem hijacking and autodialling software that can leave dial-up internet users at risk of receiving telephone bills with four-figure call charges.

According to ComReg, the issue has affected an increasing number of users in Ireland. Normally PC modems connected to the internet over a standard phone line call a local number to get access to the internet. Problems can occur when the dial-up settings, unknown to the user, are changed by rogue autodialler software to call an international number – resulting in significantly higher call charges.

Consumers typically only become aware of the problem when they receive a bill listing calls to destinations with greatly increased call charges. This year alone, ComReg has received more than 200 complaints from telephone subscribers who have been affected by this problem. In most cases, the call costs have varied between €20 and €2,000 but in one case a business was billed for €12,000.

In April, ComReg issued a guide for consumers to highlight the dangers of modem hijacking and to suggest measures to curb the threat. Local internet service providers and telecoms operators implemented security safeguards against the problem, without which such problems would be much worse, ComReg claimed.

Despite these efforts, telephone subscribers have continued to be affected by the problem so the regulator has now outlined a further series of measures for adoption by the industry. The proposals include having ISPs alert users to the problem of rogue auto-dialler programs and recommend measures that users can take to protect themselves.

The regulator has also suggested that direct dialling facilities to so-called ‘problem destinations’ be suspended but recommends that specific phone numbers may be unblocked at the request of a telephone subscriber. These destinations include the military base of Diego Garcia, as well as locations such as French Polynesia, Mauritania, Tuvalu and the Solomon Islands. Calls to any of these places cost €3.60 per minute.

The programs that redirect modems to call these destinations are known by several names, such as modem hijackers, autodiallers, dial assistants or stealth diallers and they can be obtained over the internet. Users download the software inadvertently and the dialler program is often installed on the user’s PC regardless of whether they agreed to use a particular online service or not.

In some cases, the software can disable the familiar modem dial tone so that the user is unaware that their internet connection is active. It may also change the default homepage when the PC is online. Traditional anti-virus software, though readily available and often preinstalled on PCs, does not solve the problem as autodialler programs are not technically viruses.

Scammers who run these dialling programs profit from them by making an agreement with the telecoms operator in a location such as Guinea Bissau for a percentage of every call routed to a number that they operate.

Legitimate telecoms operators can also earn revenue from these calls because of the charges incurred in calling these destinations. On receiving their phone bills, it is common for many users to contact their operator to complain but the operator is unlikely to absorb the total cost of the calls.

Eircom confirmed that it would reduce some charges where customers had been victims of autodialling, particularly if the user was reporting the incident for the first time. “We have to pay settlement charges to the other operator. It’s not possible for us to waive all of the bill,” said Eircom spokesperson Nuala Buttner. Where Eircom agrees to absorb some of the cost of the bill, it will settle with the customer in such a way that it does not make a profit from the call, she added.

Eircom has been monitoring its internet traffic to detect unusual calling patterns and has already blocked 16,000 numbers. The company also contacts customers where it thinks autodialling may have taken place.

The telecoms lobbyist Peter Weigl of ComWreck welcomed the proposals to address the problem, having raised the issue earlier this year with the regulator and at ministerial level. He supported changing certain countries’ telephone codes to opt-in numbers as the most successful of the likely proposals.

However, he cautioned that directing ISPs to inform customers would not necessarily make the issue go away. “This will put the responsibility back on the user,” he said. Weigl pointed out that recommending hardware or software tools to solve the problem might be appropriate for technical users but it could confuse non-technical consumers. “There are so many compatibility issues,” he said.

Weigl also suggested that the problem may be more widespread than even the regulator’s figures indicate. “The normal consumer does not know that ComReg is the agency handling this,” he told siliconrepublic.com. “It would be amazing if every user that was caught by this contacted ComReg.”

Siliconrepublic.com has learned that many of the customer calls received by one telecoms operator after issuing its phone bills related to autodialling and high connection charges. It is understood that the charges for these calls would typically amount to several hundred euro.

Telecoms operators and ISPs have until 20 August to make submissions to ComReg, which will issue a direction at a later date. Eircom said that it does not agree with the “sweeping action” proposed by the regulator that would involve blocking calls to entire country codes.

“In our view, we think that all operators should run a list of banned numbers, sharing information with each other and blocking access to as many as possible,” said spokesperson Nuala Buttner. “We don’t believe ComReg should block destinations. If these scammers are rumbled in one destination they move on, so we can’t keep arbitrarily blocking destinations. There is legitimate traffic to those destinations as well,” she added.

By Gordon Smith