Parents got a good phone bill!!

[iMogal]

Well, I would like some help trying to track down some info on this:

Webvideochat
1-900-541-8677 - DO NOT CALL THIS NUMBER!

There was 7 phone calls made, each one 17 minutes long, and 17 minutes apart. (Last call was only 14 mins)
The calls where made on the 9th Dec, 2004, between the hours of 11am-1pm
Phone bills ussually give the location of the place called, but there is no location.

I've tried searching for info, but there is SO much stuff on a google search for this... and nothing on the phone number.

Do you, or anyone you know have gotten out of paying this type of bill?
I pretty sure my parents will have to pay, but if they can fight it...

Retired folks can't afford much, and the bill came to $341.86 (for just these 7 calls)

How can you protect yourself from this one? Short of unplugging the phone from the computer?

They are running current Norton AV and ad-aware.
(Nice New Years pressent for them )

Thanx again....

[Aikonik]

OMG I remember those dialer programs when I still had 56k, my parents resorted to paying for it, and grounding me, since I was the only one who used the computer...

[ABoard]

I searched "Webvideochat" with Google, and the first hit was this:

http://www.alyon.net/CACS/pdf/disclaimer.pdf

That PDF identifies the phone number you posted and the terms of service (pricing, disclaimers, etc.). The PDF also identifies Alyon Canada as the service provider.

So, another search on "Alyon Canada" yields this:

http://www.bananaguide.com/bgwire188.htm

(BananaGuide.com seems to be a guide to gay sex on the web).

A quote from the above link says this:

"Porn dialer forgives $17 million

Online bill processor Alyon Technologies Inc. has agreed to forgive $17 million that it billed porn surfers in order to settle charges of deceptive business practices, according to the US Federal Trade Commission.

The company could also be obligated to forgive another $22 million in bills if consumers dispute them, the FTC said.

The Trade Commission charged Alyon and owner Stephane Touboul last year after consumers complained that they did not authorise charges that appeared on their phone bills.

Alyon installed a modem-dialling program onto consumers' computers that disconnected their Internet connections and reconnect them to its own network, billing them an outrageous $4.99 per minute to access porn sites.

The redialling software was loaded onto users' computers when they clicked on a button indicating that they agreed to certain terms of service - the sort of agreement no one reads.

Besides abandoning the disputed charges, Alyon has agreed to explain its billing practices more clearly and provide an easier way for consumers to resolve complaints.

As a part of the settlement Alyon admits no legal wrong doing."

Maybe that will lead you in the right direction for starters.

[Aikonik]

talk about awkward, are you going to confront them, check their cache? History logs? I'm not joking btw...

[iMogal]

Thanx ABoard, following them revieled this: Rip-Off Report

Quote:

Alyon Technologies Rip-off International Axis of Cyber- COPA Violators, Porno Pushers, Dis-Organized attacking Innocent Americans from a secure Tele-Bunker Complex *Investigation by Victim turned Consumer Advocate Secaucus New Jersey, Gwinnett County Georgia

Quote:

A consumer installed a program from hotbar dot com for use to decorate her emails. She changed the design above the address bar. In the page she came across an Icon ad.

It appears that Alyon Technologies, Inc. had tagged the Ad (mhtml:mid://00000099/!cid:image001.gif@01C2F6CF.26680690).

When she clicked on the ad it self-installed into her computer Alyon's rogue Dialerware Pornographic download without her knowledge or consent.

The Icon was benign enough. This reaffirms that Alyon Technologies, Inc. Dialerware can and does self install even from simple 'No Adult' Icons.

- And WOW, if you follow it a little further...

Quote:

Alyon Technologies, Inc. has been attacking citizens across America committing Acts of Cyber-Terrorism

Well, thank-you for your time, I will pass this onto my parents and it will give them info to pass onto the phone company...

[proFeign]

Since that software isn't necessarily virus behavrior, and since it may not be collecting personal info in any way and it may not pop-up ads it's not adware or spyware either.
I would guess the only software that would be able to stop that would be something like Norton Internet Security where if anything wanted to dial out you would have to approve the outgoing connection first.

That sucks.

[proFeign]

On a lighter note, software that went out and got porn for you (over broadband of course) when you were asleep would certainly be appealing to some people.... *ahem*

[Lucas_Maximus]

Quote:

Originally Posted by proFeign

On a lighter note, software that went out and got porn for you (over broadband of course) when you were asleep would certainly be appealing to some people.... *ahem*

not when it cost £1 a minute, had some nasty crap like that on my computer when I clicked yes instead of no on installing stuff into IE, easily done when your jumping from page to page in google or find yourself on a warez site with lots of popups.

luckily I am on a pay as you go phone and you have to put in your phone card to make the phones work so dialler didn't work.

[iMogal]

Uhm... automatic porno downloads....

So I guess its a program that is installed into thier computer. ??
How could you go about locating it?

Its virus and spyware free.

[JCNiest5]

From a short recollection, I remember one of my PCs was doing some kind of dialing out. Oddly, my kids were using that PC and doing internet and pop-ups were suddenly everywhere and without realizing what they were, I guess they must accidently clicked "Yes" to something. Fortunately, I'm on broadband and no modem is ever connected to any PCs, so that program was trying to dial-out unsuccessfully. It hit a dead end. I ended up formatting the whole HD and reinstalling everything if my memory serves me correctly. What a scare that would be if there was a modem connected!

If your folks accidently clicked "Yes" to something without knowing what it was, this program can dial out and dang, dang, dang, what may happen next may be unimaginable. The sad thing is that these kinds of activities are mostly from pop-ups. What is the world coming to!!??

[Howard Stern_abx]

I just read something about these apps Hijacking your modem and running up big bills. Just tell the phone company they did not make the calls period. I had a weird call on my cell phone bill last year and the number read 000-000-0000 and was for 292 minutes. It's was about $120.00 charge. I called my provider and flat out refused to pay it because I never made a call to a number like that and I never in my life spoke to anyone for 292 minutes either on the phone or face to face. They told me to pay it and when I asked them about the bull***** number they dropped the charge off my bill.

[ABoard]

Quote:

Originally Posted by iMogal

Uhm... automatic porno downloads....

So I guess its a program that is installed into thier computer. ??
How could you go about locating it?

Its virus and spyware free.

Some antivirus and spyware apps detect certain dialers even though they may not technically be termed viruses or spyware (depends on who you are talking to). Anyway, Spybot has ~ 6600 defs for dialers in its database (I'm not sure exactly what Adaware has in its database, but it should be easy enough to find out). From what I've read in your links, Spybot is supposed to detect the eGroup dialers (eGroup supplies the software to Alyon ... I just noticed what may or may not be a coincidence: eGroup is based in [Lyon], France; A[lyon] is a (French?) Canadian company).

Your best bet would be to use a dedicated Trojan detector such as:

TDS-3 (30 Day Free Trial)
BoClean
A-Squared (Free version available)
Ewido (Free version available)
HijackThis (not strictly a trojan detector, but may find some anomilies)
etc.

If those fail to detect the malware, the RipOff.com link you supplied has a (perhaps less than exhaustive, but lengthy) list of items that you can manually check for:

--- "Search your computer for 'mini dialer and 'iedisco.exe' and delete them. They have created a folder called 'eGroup'- find and delete it. They have also made changes to your Windows Registry. (See Rip-Off Report #45776 - items found in Windows Registry.) There are many Rip-Off Reports with instructions on finding and removing Alyon/eGroup's "POP-UP" and "DRIVE-BY" DOWNLOADS AND INSTALLATIONS. Spybot S&D with the latest updates will find and remove ALL of Alyon/eGroup's items, if you cannot manually remove them. *Use at your own risk*"

---"Alyon and eGroup's 'POP-UP' AND 'DRIVE-BY' DOWNLOADS AND INSTALLATIONS Some of the ILLEGAL DOWNLOAD and INSTALLATION ITEMS INCLUDE: minidialer, iedisco.exe, elksoftfirewallkiller, I-Worm.sobig, IEAccess/IEAccess2, StripPlayer, forgetfirst, dialsecond, activestripsetup.dll, openme.exe, PopupToOpen, ExitPopupCBUrl-http://usa-network.video-party.com/index, ExitPopupUrl-http://auth.us.egwn.net/get-ani.php, IEAccessUAH-http://www.normal.video-party.com, Electronic Billing System, Data F-http://www.normal.video-party.com, blacklist, video, egroup, alyon.net, xww.de, start-up, hooker, strip, worm, sobig, ACX_Install, VLoading, ActiveStripSetup, and many more malicious items."

Application control software can be helpful, but I wouldn't recommend them to anyone that wasn't a computer "geek" as they require a lot of user intervention for setup and maintenance:

System Safety Monitor (Free)
Prevx Home (Free Version)
Process Guard (Free Version Available)

Check here for trojan software, application control apps, descriptions, reviews, links:

http://www.wilderssecurity.com/index.php?board=39

For prevention, at the very least, you need:

-Latest OS / software patches / updates
-Mozilla / Firefox (or IE with settings tightened up)
-Firewall (preferably with app control)
-Anti-Virus software
-Anti-Trojan Software (most people go without this thinking the AV will do the trick)
-Anti-Spyware software
-A good sense of what's out there that can get you in trouble (most people go without this )

This obviously is just a quick and dirty run-through, but you definitely need to investigate the anti-trojan software if your other lines of defense aren't detecting the malware, and then need to harden the PC (and educate its users) against further attacks. If nothing else good comes from this, you and your parents will probably benefit greatly from your research (directly, perhaps, if the phone charges are dropped; indirectly, most definitely, from the knowledge you gain).

Good luck.

Edit: I use TDS-3, and upon checking its current database, several entries were found for eGroup dialers (10 to be exact). I didn't search for any other specifics, but TDS-3 is one of the better trojan detectors with thousands of defs (including other porn dialers) in its database.

[Deer Slayer]

My brother got one of those dialers on my parents' puter, and it racked up a $400 phone bill. This was a long time ago, back when the 333mhz gateway was still in use. My parents were blaming it on me as if I made the call, but I pointed out that it happened when I wasn't home. Then they blamed it on my brother, but he was at school. My mom was the only one home, so she called the phone company to tell them there's no way the calls could have been made. They told her it was a data line and the calls were made by the computer, they knew exactly what was going on. My parents threw a big fit, told them to take it to court. They dropped the charges from the bill provided they had 1-900 numbers blocked.

The moral of the story is they have no right to do that and if you throw a fit, they'll back down. Dialers have been arround for a long time, I'm suprised that still happens. I'm suprised the phone companies haven't been forced to assume some of the liability for this. They should, they shouldn't be allowed to provide service for scams like that. They should be charged criminally as far as I'm concerned, but the courts have more important things to deal with, like music downloaders . I'm sure the only reason the there's been no real legal action is money talks.

[iMogal]

Quote:

Originally Posted by ABoard

This obviously is just a quick and dirty run-through, but you definitely need to investigate the anti-trojan software if your other lines of defense aren't detecting the malware, and then need to harden the PC (and educate its users) against further attacks.

Thank you for your time in this.

I have passed this info onto my folks, and they will be installing spybot and TDS-3.
They are across the contry so its kinda hard to help them out!
I'll keep the board updated as to what is/was found...

[proFeign]

I would also tell them, if it's not too much trouble, to install something that will let them filter/approve all outgoing/incoming connections. Like NIS.