Hi there

British Telecommunications apathy towards its customers!

After recently having my PC hijacked by illegal software which automatically phones premium rate numbers, I have now been told I must pay the bill of £241. This is even though I have software to prove it has automatically been downloaded and automatically dialed out, they still insist I pay!
I have contacted Ofcom, Icstis, and telecom themselves, with no joy, only a letter insinuating that I have indeed dialled out onto a porn site. Over 100,000 people have been hit with this according to BT, it was even highlighted on watchdog, but BT refuses to waive any bills, not one person has so far had their bill reduced from this illegal activity. In other words, BT is aiding and abetting criminals to obtain money by deception through the use of this software, which if allowed, will encorage others to follow suit! If BT are collecting this money on behalf of of an illegal criminal, why can't they just refuse to pay him, and allow him to chase people for the money himself?

I can prove conclusively that I have been accessed through my PC this way, I even have the software that caused this problem, but they just insist I pay it!


I am dismayed after working for BT that they can treat customers like this. Yet Icstis, the governing regulatory body(Who by the way, just for the record have no professional people who can deal with this problem, they even asked me to submit evidence of the offending software for their records) is currently reviewing an increase of allowable charges for primium rates from £1.50, to £5.00, I ask you, what are these people thinking about?

I am so shocked by my treatment, and of the others, I wonder who is really benefiting from this!
Most of the links goes to a criminal in Switzerland.
Oh well, as a future industralist of this country, I am going to take my interests elsewhere!
Possibly abroad, my patriotic tendancies to this country have been knocked finally into the ground, time to leap from the sinking ship!

Someone has told me from BT that the revenue so far from illegal access is around the 2 million mark, not bad as most of it has been paid to the criminal at large! I even reported it to Interpol, with the guys details, but to no avail!

Hope this warrants some response!

Want any evidence, I have all correspondance and proof to substatiate this email, please contact me for any info you may require, or let me know if you too have had this problem and been forced into paying the bill with no investigation. BT claim they have investigated it, which seems amazing, I have not recieved one visit from them to show them the illegal software I have on disk!

It would be helpful, if there is any legal experts who can shed some light on this, surely this is wrong?

Regards

Mark ..

Well life can be a pig sometimes can't it?

The only trouble with your gripe is that BT weren't operating your PC - YOU were. Whether you knew it or not, YOU downloaded the dialer, and YOU dialed the porn line.

Maybe you should ask Ford to vet the accounts of all white Transit van buyers just to make sure that they aren't doing jobs on the side and fiddling the VAT?

BT have a service that allows you to prevent such dialups. You should have used it.

I've got lots of sympathy for your situation, but I don't see how BT is to blame.

Hi

I posted the following on a thread 28/06/2004, which may be of interest to people....

=============

Good old BT
Just got an email from BT taking me to http://www.bt.com/premiumrates/

They are advising people of the dialler scams that affect non-broadband users.

Have they been made to do this or are they doing out of goodness of their heart ?

===========

TTFN

Rudi

Hi Tony, read a little more carefully ,please!

THe dialler is downloaded without any clicking on anything that remotely tells you its a dialler, it then dials out and even masks under your normal connection service provider, otherwise #I totally agree with you!

Some people have had this happen, even when visiting game sites!

I suppose the 8 yeart old girl using it for her homework was downloading porn too, as highlighted on the Watchdog program!

Read the following>

http://www.greatis.com/regrun3di.htm




istsvc.exe
ISTbar is an IE toolbar with some variants:

1. ISTbar/AUpdate installs a TinyBar variant to implement its toolbar, and will be detected by the script at this site as TinyBar/B. The hijacker is aimed at my-internet.info and blazefind.com; distribution is managed by searchbarcash.com, its controlling server. Updates are loaded by an 'AUpdate' process.

2. ISTbar/MSCache also uses TinyBar, along with a Browser Helper Object called mscache.dll used to load updates. The controlling server is www2.skoobidoo.com.
ISTbar/MSCache was widely distributed to victims clicking on links to the 'OutWar' online game.

3. ISTbar/XXXToolbar is an update based around porn. It uses its own toolbar based on the Pugi toolbar. The hijacker is aimed at its controlling server xxxtoolbar.com, and slotch.com; distribution is controlled by toolbarcash.com. Opens pop-ups as directed by its controlling server.

All versions also install other third-party software which includes advertising.
ISTbar also installs other parasites: AUpdate and XXXToolbar install porn pop-up producer RapidBlaster/lp; the AUpdate variant is also known to install DownloadPlus; the MSCache variant installs nCase and the Wink/EasyDates dialler.


So you are stating, you play a game on the net, it automatically downloads a porn dialler because you have clicked to connect to a game to play over the net!

It then attempts to dial out and connect to this premium rate number, when you check the connection, all seems fine, the normal connection is there to your service provider!

As for Norton Antivirus and security systems, I had a firewall installed that was totally up to date, it disabled this also, if you like, I can send you the dialller for you to place on your PC, then tell me its easy to see!

Even when it co9nnected, nothing appeared that was associated with porn!

I hope Iam a little more clearer on what has happened now!

-----------------------

Just to remove one of those pieces of software, you have ot do the following>

NOTE: this is in response to the post by Dick Turpin
Removal
There is a entry in Add/Remove Programs for 'MS AUpdate' (AUpdate variant), 'MS Updates' (MSCache variant), or 'ISTbar' (ISTbar variant). Unfortunately this doesn't remove the toolbar in the AUpdate variant, or RapidBlaster in the AUpdate or ISTbar variants; in the MSCache variant it does not appear to work at all.

Ad-Aware reflist 20.04.2003 and Spybot S&D update 2003-04-24 can remove ISTbar/AUpdate.

Manual removal
AUpdate variant
Open the registry (click 'Start', choose 'Run' and enter 'regedit') and find the key HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run. Delete the 'AutoUpdater' entry on the right (pointing to aupdate.exe). Find the key HKEY_CLASSES_ROOT\CLSID, and delete the subkey '{69550BE2-9A78-11D2-BA91-00600827878D}'. Delete the subkey of the same name from HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Explorer Bars, and the entry of the same name from HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar.

Restart the computer and you should be able to delete the files 'aupdate.exe', 'aupdate.conf', 'aupdate.trk' and (if it is there) 'aupdate_uninstall.exe' from the System folder. (The System folder can be found inside the Windows folder; it is called 'System32' on Windows NT/2000/XP or just 'System' on Windows 95/98/Me.)

Finally you can restore your normal search settings (Internet Options->Programs->Reset Web Settings) and deal with RapidBlaster and DownloadPlus.

MSCache variant
Open a DOS command prompt window (from Start->Programs->Accessories) and enter the following commands:

cd "%WinDir%\System"
regsvr32 /u ../mscache.dll
Next, open the registry (click 'Start', choose 'Run' and enter 'regedit') and find the key HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run. Delete the 'MS Updates' entry on the right (pointing to mscache.exe). Find the key HKEY_CLASSES_ROOT\CLSID, and delete the subkey '{69550BE2-9A78-11D2-BA91-00600827878D}'. Delete the subkey of the same name from HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Explorer Bars, and the entry of the same name from HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar.

Restart the computer and you should be able to delete the files 'mscache.exe', and 'mscache.dll' from the Windows folder

Finally you can restore your normal search settings (Internet Options->Programs->Reset Web Settings) and deal with nCase and Wink/EasyDates.

XXXToolbar variant
Open the registry (click 'Start', choose 'Run' and enter 'regedit') and find the key HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run. Delete the 'IST Service' entry, if it is there. (Some early releases of XXXToolbar did not include this.)

Open a DOS command prompt window (form Start->Programs->Accessories) and enter the following commands:

cd "%WinDir%\System"
regsvr32 /u "\Program Files\ISTbar\istbar.dll"
Restart the computer and you should be able to delete the 'ISTbar' folder inside Program Files, and the 'istsvc.exe' file inside the Windows folder. You can also delete the registry keys HKEY_CURRENT_USER\Software\ISTbar and HKEY_CLASSES_ROOT\Pugi.PugiObj (and .1) to clean up if you like.

Finally you can restore your normal search settings (Internet Options->Programs->Reset Web Settings) and deal with RapidBlaster.
--
Better to remain silent and be thought a fool, than to speak and remove all doubt.

---------------------------------------

There was several, alot under the name Tony-1, tony_2 etc, do a search on your own PC!

Best bit is, you are automatically defaulted by BT to enable anyone to dial out a Premium rate number from your line, it may also worthy to note, that BT was the comapny who stopped it going any further than 241 pounds in under a few hours. as they know it was out of character with normal premium numbers!

So they are admitting something is wrong by their action alone!¬

Regards

Mark ..

Like myself, I am on Broadband now, but dont be fooled, you can still be hacked and abused this way!

Ask BT!

You need to set youre PC up correctly!

Regards

Mark. .

If you have woked for BT then you will know that BT is one of the most regulated company's in the country. You will also be aware that it can loose it's licence if it infringes on the regulations. You will also know that BT as a carrier pays out to the supplier on a monthly basis , but it collects it's call revenue every 3 months. It has also published frequently the perils of rogue suppliers. BT are therefore in a position whereby they can only be proactive after the event. There are many suppliers who are genuine and trustworthy and a few who are not. The position at the moment is if BT suspect a company is acting illegally it will freeze the payment to them until the regulator either ajudicates in it it's favour or not. It cannot act retrospectively and demand payments already payed out to be returned. It really is up to the individual or a responible adult in the case of a juvenile to check their connections on a regular basis, and not expect to blame everyone else for their misdeeds as seems to be the in thing at the moment

Whilst I have every sympathy with your plight, and certainly I would have pleaded with BT the same, at the end of the day BT cannot be held responsible for what happens with your or anyone elses PC (or anything else that is connected to it - remember the plight of the Sky digiboxes that were dialling the wrong number with the PPV data - again, not BTs fault).

You asked them, they declined, and are under no obligation

If you missed an important appointment because you got lost due to poor road signs, would you expect the highways agency to compensate you? If you got a puncture from a nail in the road would you blame the tyre manufacturer?

Its not really BTs fault, you used their service no matter what.

You should keep your PC scanned with things like Ad-aware or Spybot.

Are you even running a firewall?

Originally posted by RPG

Are you even running a firewall?

I think he said he was running Norton Internet Security, but the words fire guard and chocolate seem to come to mind. I recommend Panda Internet Security, or, for no charge at all, Zone Alarm of course.

I run Norton Internet Security and tend to keep it up to date manually as well as automotically so I'm interested why you think its no good. I;ve had no problems to date.

I also run ad-aware, and very very occasionally it picks something up other than cookies.

Mind you - we have another firewall on the router, and pay F9 for ISP side screening too. Maybe that all helps out Norton.

These diallers also disguise themselves, often as a pop-up that appears on screen as an 'agreement' to continue or a 'confirmation to view the content' and if you try and close them they will reappear as 'to view this content you must agree'.

If I get anything like this, I immediately close my browser using the Windows Task Manager (ctrl-alt-del) to ensure that the offending article is not loaded.

Beware of anything you are not expecting, these things come in many guises.

Originally posted by markwit
I think he said he was running Norton Internet Security, but the words fire guard and chocolate seem to come to mind. I recommend Panda Internet Security, or, for no charge at all, Zone Alarm of course.

Certainly a chocolate fireguard! most pr0n diallers disable it upon installation.

Hi Folks

I have read this thread with great interest, as I am one of the people who has been caught out with this fraud. I would like to make a few pointers for people to take note.

Firstly, whilst the rouge dialler was accesses premium rate numbers from my PC, which by the way had all the security features, the software disabling them, firewall etc installed and up to date, BT stopped it in mid flow!

Now forgive me if I am wrong here, but if BT have claimed to be indifferent to this sort of abuse, why not let the rouge dialler run up a bill of several thousands, instead of several hundred. If fact, let it escalate to some figure in the 100's of thousands?

Purely by them intervening without asking, they are not only owning up to knowling about illegal accessing of premium numbers, but also had the power to stop it remotely, and did so! Why not stop this sooner?

Now BT, knew about this scam last year, so they will have been aware of this happening at the actual numbers that were been dialled, hence why they stopped the access of this from my phone line.

Where the drawline, if I am only paying £241, then why is others paying £4000, that was the cost one pensioner had to pay, and did so!

Why was not a letter sent out to everyone warning people of this scam?

They have technology to stop this, I even had a warning message sent to my phone, after it was stopped, ghiven the time that elasped for this scam to rear its ugly head, could not BT have instigated something within a shorter timespan than a year, and why send people warning now? The people who claim its my fault, or the fault of others, so dont know all the facts, but if thats the case, then why are BT warning people, and stopping the premium rates services while the calls are been dialled?

Why was not the international numbers barred from accessing this county?

As a precedence, the person owing £4000, should be able to get it reduced to £241 at least, for BT admits there was a problem!

They have only just sent out information to everyone, after one year!

The software does not need prompting, it can download to your PC from anything else you click on, it even came down from a games site. The software I have, does not need any prompting at all, anyone want to have a look and let me send it to their PC is welcome!

It mask under your normal connection screen, so you think you are reconnecting to your service provider., no prompts to tell you its redialing another provider! The PC does not even show you you have a different connection, totally hidden!

I supplied Icstis with copies of the the software that causes this problem.

Icstis have no technical people to look at this problem, they have set themselves up as a regularity body, yet do not possess the skils to carry this out!

While these companies are been investigated for illegally accessing PC's in this country, what are Icstis doing, they are discussing putting up the cost of Premium rate numbers to £5 a minute!

BT have not paid all the monies to the premium rate companies, but have kept a large amount back for themselves, and are now telling us, that their share is going to Childline?

Then Icstis, fine the companies for £50,000, where did this money go . To the goverment or Icstis Staff, they are obviously not providing their services for free!

It should be shared amongst the BT customers and helped to refund the people hit by this scam?

I would like evidence, that after knowing who the scammers were, that BT has in fact paid them the monies that they now wish to be collected from me!

We live in The EEC, interpol was informed of the guy who was behind this scam by myself, but I have heard nothing.

BT claim this guy manged to run up bills of around 2 million single handedly, have BT paid this man his two million, he was only fined £50,000, a small price to pay for 2 miillion profit!

You think with this size of fraud, BT would, on behalf of its customers, instigate obtaining this money back on behalf of the customers.

Heres the funny bit, I have the software, which can easily be modified for anything, in other words, I place my own numbers in there, if I obtain some Premium rate numbers!

I can even place a timer, to take out just £20 from everyones account, in the UK, that would be around 400 million, get fined £50,000 and have my hands slapped, but then its plain sailing!

Maybe move to Lichenstein! LOL


Or simply advertise the software for free on the net, and make the problem massive, so BT are forced to take action, then ask for my money back, when everyone in the country is complaining about the theft, with the response of, you are responsible for your own PC! Its your fault!

Heres the funny bit, I use to work for BT, I am a computer programmer, and worked on the server side for them, if I can get stung with this, the rest of you ,don't have a chance!

But there does seem to be a feww on here mistaking this for the I ticked No, instead of yes ploy used for over 12 years in the states and over here, this is something else!

Mt personal hitback, it currently to use one of the many re directed phone companies out there can be used straight away as an alternative to BT. This way, BT only get the line rental charge, the other company you go with, makes the profit, anjd to top it all, its is cheaper than BT in every instance!

So if you have been hit by this scam, want to start hitting back at BT, then change companies to another phone provider, like ONE, or>

http://www.call18866.co.uk/rates.php#

These people only charge a penny a minute, its even cheaper internationally too!

You can even keep your number, but when you dial out, you dial a prefix first!

Hope this helps

Down with BT's Apathy!

Regards

Mark. .

That not going to hurt BT at all since you'll spend more on the lease line than the phone call.

BT is a PLC so get shares in the company and get it back that way.

I think we can all agree it isn't BTs fault but why are they collecting the full amount? Am I right in thinking most of the revenue from these calls goes to the company who has the number? Surely BT know the companies in question are acting illegally in these cases? If this is the case they aren't going to give the money to them are they?

So many questions??

Did BT tell you about their Premium Rate number barring service? If they didn't, you may be able to at least get a reduction, on diminished responsibility (in their eyes - even though you know you weren't at all responsible).

Maybe tell them you are writing a letter to Watchdog about this - it seems to work for me when i have problems with companies.

Good luck anyway - i HATE viruses and dialers and the people who create them - they should all be pushed off Niagara Falls in a barrel, IMHO.

Nasty, very nasty.

it reminds me of the scam that involves a good looking lady knocking on your door asking to borrow your phone as her car has broken down. She then proceeds to call her "husband".
When your bill comes you've been charged hundreds. Now I always thought that there was a limit to the amount charged per minute but this scam suggests that the owner can set the charge to whatever they want. Anyone know if this is correct?

Anyway, I cant condole too much cos you pay my wifes wages ;-) tyvm.

Originally posted by rooby_roo
it reminds me of the scam that involves a good looking lady knocking on your door asking to borrow your phone as her car has broken down. She then proceeds to call her "husband".
When your bill comes you've been charged hundreds.

Who was she calling? A premium rate sex line or India?

Originally posted by alchresearch
Who was she calling? A premium rate sex line or India?

Neither, its a myth.

A harmless (scare) email virus doing the rounds where humans are the payload.

Originally posted by John
An harmless

This has been bugging me for about a week now so where better to ask than here! Is there some grammer rule that I aren't aware of that means putting "An" instead of "A" when there is a H. I thought it was meant to be only for vowels? This is the 5th time I have seen it this week when I never have before?

Hi Rooby

Answer to your question, the amount that a Premium rate company can charge is £1.50 a minute, but Icstis are thinking about increasing this to £5 a minute!

Icstis is the regulatory body for premium rate numbers, funnily enough, the same company fining these people, but pocketing the fine money. Maybe they will be come the Speeding camera ofd the phone world, there to earn money from fining people, it stikes me as weird, that these people have set up the Icstis company as volunteers, HHMMM I wonder why?

No one does anything for nothing in this day and age!

Regards

Mark..

Originally posted by markwit
I think he said he was running Norton Internet Security, but the words fire guard and chocolate seem to come to mind. I recommend Panda Internet Security, or, for no charge at all, Zone Alarm of course.

Thanks, Markwit
After reading this post, I downloaded 'zone alarm' firewall free, as you recommended - I also upgraded to their anti virus for £12.
I had no protection at all
:loopy: