[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
NFIC Warning About Sexygirls web site
I had to laugh when I read this...
Cheers,
Bob Hettinga
--- begin forwarded text
X-Sender: themet@pop.mindspring.com
Mime-Version: 1.0
Date: Wed, 5 Feb 1997 01:50:36 -0800
To: fraudnews@silverquick.com
From: Mark Taylor <themet@mindspring.com>
Subject: NFIC Warning About Sexygirls web site
Reply to: Mark Taylor <themet@mindspring.com>
Here is an interesting twist on how some crafty scamsters can
rack up money on your phone bill
===========
National Fraud Information Center
Monday, February 4, 1997
PORNO SURPRISE
Consumers who visited a pornographic website
(www.sexygirls.com) last month got a big surprise on their
phone bills. After a few teaser pictures, surfer was told
he/she needed to download a special program to view the
archived images. That program was actually a viewer with an
entire communications suite hidden deep inside (a non-self
propogating
Trojan Horse). The program disconnected user from his/her ISPs,
shut off the volume on the modem if it was computer controlled,
and dialed a number in Moldova -- a small, former republic of
the Soviet Union wedged in between the Ukraine and Romania. All
the while the consumer was on the website, and even if he/she
then browsed other sites on the World Wide Web, the Internet
access was being provided through the Moldova number, resulting
in huge international phone charges! Consumers didn't know that
until their phone bills arrived. According to the Toronto Star
Business Reporter, there are Canadian reports of bills into the
thousands.
The Toronto star also reports that the Royal Canadian Mounted
Police has requested all calls from Canada to that number in
Moldova be blocked. Bell Canada is attempting to provide relief
for Canadian consumers.
US consumers should contact their long distance providers if
they find these unexpected charges on their bill.
The RCMP has also required the owners of sexygirls.com to place
a disclaimer on the site, alerting consumers to the presence of
the communications software in the viewer. The disclaimer also
tells consumers how to disconnect if they do not wish to use
the server in Moldava.
In November, Internet Fraud Watch warned consumers concerning
the possible dangers of downloading programs over the Internet.
Some tips:
Don't download unnecessary items. If it's just a piece
of razzle-dazzle, don't bother. It will only take up space on
your hard drive and perform no useful function. If there's no
gain for you from the program, there's no reason to take a
risk.
Only download from sites you know and trust. While even
a major corporations site can sometimes have a viral
infection, a lone programmer might be using an attractive piece
of code as a delivery vehicle for his pet virus.
Don't download material directly onto a computer network
at work. First download it onto a stand alone PC. Test it out.
Make sure it doesn't have any malicious side-effects. Check
that machine for known viruses. Only at that point should you
install the downloaded program on a networked machine.
If you feel you must download files, keep track of what
files you have on your system and what files are created during
a program installation. That way you can easily uninstall any
program if you find it to be undesirable. This also helps in
detecting new installed files that aren't supposed to be there.
Remember, your main worry is an executable file (i.e. a program
or application). Despite what you hear all over the Internet,
you cannot get a virus from a piece of e-mail.
If you are having a problem with calls to Moldova, the
connection will only be made if you attempt to use the viewer.
If you try to use the viewer, shut down your machine after you
are finished at that site. If you wish to remove the viewer
altogether, the file name is david.exe (for IBM users). If you
are in Windows, it should be in your program folder.
FraudNews is owned and published by :
Mark Taylor: themet@mindspring.com
All material published is copyright.It must not be reproduced
in any form without the express permission of of the owner.
=============================================================
This Newsletter is broadcast using the List and Newsletter
Management facilities of Silverquick Communications
You may subscribe to FraudNews and the Fraud-Discuss lists on
the web pages at : http://www.silverquick.com
=============================================================
--- end forwarded text
-----------------
Robert Hettinga (rah@shipwright.com), Philodox
e$, 44 Farquhar Street, Boston, MA 02131 USA
"Never attribute to conspiracy what can be
explained by stupidity." -- Jerry Pournelle
The e$ Home Page: http://www.shipwright.com/rah/
FC97: Anguilla, anyone? http://www.ai/fc97/