Among the most popular schemes were so-called
dialers. Dialers would infect individuals' computers,
disconnect their modem, and then force it to dial a long distance
number, typically an international call. The virus would often
mute the modem speaker so the victim would be none-the-wiser.
Milking the economics of international calls, the crooks would pocket
a substantial amount for each call, while victims would be left with
massive phone bills.
With the slow death of the dialup modem
and the move to broadband, such antics have died down in recent
years. However, a new trend in adult content viewing is
reportedly reviving this insidious form of cybercrime.
firm CA maintains a security division, which among several security
firms to notice a rise in dialer attacks. They note that the
new attacks are chiefly targeted at smart phone users. Recent
studies have shown that virtually all males partake in adult content
-- and other studies have shown that a smaller, but substantial
number of females do as well. With the rise
of smartphones, many are turning to mobile browsers to get their
Smart phone numbers are growing, in
fact, 11 percent of Americans have smart phones, by recent estimates
-- that's more
than have dialup. And with the rise in smart phone numbers,
adult traffic from these smart mobiles is rising as well. And
that's exactly what cyber criminals are hoping for.
Menon of CA's security branch writes
in a blog, "In our malware analysis lab we have been observing
an increasing trend of Trojan Dialers that targets mobile devices and
this advisory blog is a quick analysis of one such malware that uses
the J2ME technology (a default standard for CLDC devices) to send SMS
messages to high cost numbers. Similar to its ancestors, most of them
are related to pornographic message centers."
called Swapi.B typically infects a smart phone when the user
downloads what they think is adult software, video clips or helper
Mikko Hypponen, head of research at F-Secure which
makes security software for mobiles in an
interview with BBC News also reported noticing a rise in
smart phone dialer attacks. He says that crooks love the fact
that no extra work is needed to make money off the scheme, unlike
traditional cybercrime which involves collecting credit card numbers
to conduct credit card fraud.
He states, "PC malware
can't just directly steal money from your machine; it has to jump
through hoops like keylogging your credit card number or sending
spam. However, mobile malware can just instantly steal from you
by making premium-rate calls or messages. The trojan can place
calls to, say, 100 different premium-rate numbers, only one of which
is his own number. How would you fight this? Shut down all the
numbers, including the innocent ones?"
Google was among
the first to note this trend. It blocks
certain premium lines in its Google Voice service (which offers
free calling) to prevent excessive charges or this kind of abuse.
Despite this seeming like common sense, data discrimination laws
forbid U.S. carriers from blocking blocks of premium numbers, even if
they're suspected of being involved in a cyber fraud scheme.
The FCC is currently investigating Google's call blocking, but it is
unclear whether the same laws apply to Google as the traffic is
routed over the internet, rather than traditional phone lines, and
additionally the service is free.