[ISN] Microsoft chief of security hit by rogue dialler scam

InfoSec News isn at c4i.org
Thu Sep 15 00:52:14 EDT 2005


http://www.techworld.com/security/news/index.cfm?NewsID=4375

By Matthew Broersma
Techworld
09 September 2005

Microsoft UK's recently appointed chief security advisor, Ed Gibson,
has admitted to being hit by that lowliest of online scams - the rogue
dialler.

The scams are seen as mainly affecting the lowest rung of Internet
users - beginners using dial-up connections without basic security
software, such as a firewall, that would prevent infection or alert
them to the dialler's activities. However, broadband users can also be
affected via back-up modem connections.

However, the problem clearly isn't limited to Internet newbies, Gibson
reportedly said at a trade conference last week. A rogue dialler
recently cost Gibson £450 in phone bills, which BT is insisting he
pay. Gibson told attendees at London "eConfidence: Spam and Scams"  
conference that more must be done about the rogue dialler problem.

It isn't clear how Gibson, a former senior FBI officer specialising in
financial crime, was infected with the dialler software. Microsoft
wasn't able to immediately comment.

Rogue diallers secretly install code on a user's system causing modems
to connect to the Internet via a premium-rate number, whose profits
are siphoned off to the scammers. Public outrage over the scams
reached a high level about a year ago, and in recent weeks BT, the
premium-rate regulator and the government have begun taking action to
protect users, punish rogue dialler scammers more harshly, and to make
it more difficult for scammers to get at premium-rate funds.

ICSTIS, the regulator of premium-rate services in the UK, last month
announced that telephone providers will now be forced to delay
transferring funds to premium-rate number holders for 30 days. The
measure is expected to make it harder for the scams to operate.  
Previously number operators were paid within a couple of days.

In June, the government announced that rogue dialler scammers could
face fines of up to £250,000 under new government proposals backed by
ICSTIS. BT, for its part, earlier this year introduced free software
called Modem Protection designed to stop rogue diallers. The software
alerts users whenever the computer attempts to dial a number not on
the user's "safe" list.

Gibson started with Microsoft in July, after 20 years in senior
positions with the FBI. He has served as the FBI's assistant legal
attaché in the UK for the past five years, before which he spent 15
years as an investigating agent specialising in asset tracing and
confiscation, money laundering, intellectual property theft and
financial crime.

Over the past five years Gibson has become known in the UK for his
cybercrime lectures, beginning each lecture wearing dark glasses.

Gibson reports to Nick McGrath, head of platform strategy for
Microsoft UK. He replaced the more technically-oriented Stuart Okin,
who left Microsoft for Accenture last year.





More information about the ISN mailing list