Who Is Really Behind The Rogue Dialer Scams?

A tip from a reader (thanks, James) indicates we’re back on the trail of the rogue dialers. (Rogue dialers are pieces of software usually downloaded without the user’s knowledge, which then disconnect existing Internet connections and dial fresh connections via high-cost usually international numbers. The user doesn’t know much about it until the monthly phone bill arrives with a hefty jump.) A piece on TheWMURChannel (via AP) says Missouri’s attorney general has filed suit against a New Hampshire man, Michael Walczak,  and his businesses —  Phoenix One Billing LLC and National One Telecom Inc — accusing him “of charging Missourians for accessing pornographic Web sites they never visited”:

The suit accuses Walczak of demanding payment from at least 59 Missouri customers for long-distance calls to foreign countries that weren’t made and for accessing pay-per-view adult Web sites. Nixon said it appeared the charges sometimes came from auto-dialing software installed on people’s computers without their knowledge.

Walczak is accused of deception, fraud and unfair trade practices. Nixon wants the Jackson County Circuit Court to order the people wrongly charged be paid back, to block Walczak from engaging in unfair trade practices and to impose a fine of $1,000 per violation.

Walczak doesn’t sound like a big fish, although National One, one of the companies he is allegedly involved in, did catch some big ones. This article in the Union Leader describes him thus (go here for the full piece; the January original has been archived):

Walczak is a 2000 graduate from Manchester West High School and uses his parent’s Horizon Drive address in Bedford as his business address. He graduated from Daniel Webster College last year with a degree in information systems. John Zahr, a class officer of the West 2000 class, said Walczak was a smart kid who took advanced-level classes. “All I could really tell you, without trying to sound too harsh, was that he was perceived as your stereotypical high school ‘nerd,’ if you will,” Zahr said in an e-mail message.

In other words, if this account is correct, he’s barely into his 20s. Someone of his name is also behind this website, Candid Publishing, based in the same area, with the following DNS registration data:

 Walczak, M. webmaster@candidpublishing.com
 PO BOX 10007
 Bedford, NH 03110
 US
 1-866-422-6343

Different postbox, but same ZIP as Phoenix One Billing. And the company name happens to be the name by which National One Telecom’s DNS is registered. Candid Publishing’s website has nothing on it, but it looks cool, and promises services including “traffic auditing”. But it does seem to have been around a while: the Walczak of Candid Publishing has been using that company name since at least 2000. Oh, and there’s an interesting exchange here on the Tech Support Guy forums between angry users and a National One Telecom “customer service manager“. It’s more than a year old but entertaining and may shed some light on what this is all about. Could this particular scam have been dreamed up and carried out by small fry?

Microsoft and Rogue Dialers

A week late with this, but still shocking enough for a mention: Microsoft’s UK security chief has admitted to be being hit by a rogue dialler, according to ZDNet UK News:

Rogue diallers have claimed a high-profile victim — Microsoft UK’s chief security advisor Ed Gibson. Speaking to ZDNet UK on Tuesday, Gibson revealed that he has recently been hit by a £450 bill from BT after his computer was infected with a rogue dialler.

… Gibson was speaking at the London “eConfidence — Spam and Scams” conference, at which he delivered a passionate attack on rogue diallers. “I’m so perturbed about the whole area of rogue diallers… If we don’t make a concerted effort to make the Internet more secure, it will be a very different place in the future,” Gibson told the conference.

My sympathies with Mr. Gibson, who ZDNet says “was appointed as Microsoft’s chief security advisor in the UK in May this year and took up his post in July. He has previously worked for the FBI as an assistant legal attaché for the UK. “ But I’m still kinda gob-smacked that someone of his ilk and presumed savvy would fall for this hoary trick. Does Microsoft not read Loose Wire? (I’m kidding.)

Anyway, the sting in the tale is that BT is insisting he pay the 450 quid he rang up. Seems fair; a few months back I would have said not, but BT has, as ZDNet points out, launched a service to protect users from this kind of thing, so there’s really no excuse.

I suppose my worry is that Mr. Gibson is a little behind the curve here, and using a forum to fulminate against a problem which, in the scheme of things, is slightly less important than data theft, phishing and other Internet terrors. If one wanted to, I suppose one could argue this is symptomatic of Microsoft’s lethargic, unimaginative and all-or-nothing approach to security. Or is it just one guy’s bad luck?