On 19 Oct 2003 15:10:21 -0700, yosponge@yahoo.com (sponge) wrote:

>On Sun, 19 Oct 2003 15:17:33 -0400, BoB <me@privacy.net> wrote:
>
>>Noticed this msg in another NG today.
>>______________________________
>>quote
>>I wanted the latest version of Winzip and Googled accordingly.
>>Received a list of sites and went for the "Free Downloads".
>>Got to a site called 1000downloads.co.uk
>>Clicked on 'download Winzip9'.
>>
>>My internet connection to my ISP was immediately terminated and was
>>reconnected to a new one with the premium number of 09097927979.
>>There was even a new entry in my Dial Up Networking folder and a
>>shortcut on my desktop.
>>
>>There was no indication of their call charges but at say, £1 per
>>minute, a thirty minute "free download" could be quite expensive.
>>I feel that an inexperienced user could be seriously conned.
>>end quote
>>___________________
>>
>>Someone mentioned megadownloads.com was a place to stay away from
>>and that they do show at the top of the site that they are a pay
>>site, 1.5 euros per minute, dialer - but in small letters.
>>
>>Neither megadownloads nor 1000downloads are presently listed in
>>either my 126k or 581k HOSTS file. Neither are listed in IE-SpyAd
>>for the IE restricted sites list. Shouldn't they be or is this just
>>"surfer beware"?
>>
>>BoB
>>For the duration of Swen, my address is inoperative.
>
>It is a dialer/hijacker called WebTelecom. There are so many of these
>things that's it's hard to keep the names straight, so I don't know if
>SpyBot or Ad-Aware identify it. I will send them a submission.

Thanks for following up.

>In the meantime, make sure that you do not pay those charges and inform
>the phone company of the situation. If you need help removing the dialer,
>post back here.
>
>Yes, it's a case of "surfer beware". Your other options are to take
>legal action against the site and maker of the trojan or push for
>legislation against this stuff.
>
>If you're more concerned about the here-and-now, the best thing you
>can do to enhance your security is to use another browser -- anything
>but Internet Explorer; that puts virtually all the dialers and
>hijackers to bed. Add www.megadownloads, 1000downloads.co.uk, and also
>the following line to your HOSTS file:
>
>127.0.0.1 www.sponsoradulto.com

Passed the above information back to the NG from which it came
and provided a url for Firebird v7.

>Forget about using Spyad -- it provides no appreciable security, since
>it mostly duplicates (but does not block) what's already on HOSTS
>anyway.

Uninstalled. That's one less thing for me to keep up with.

>Sponge
>Sponge's Secure Solutions
>www.geocities.com/yosponge
>My new email: yosponge2 et yahoo dot com

Thanks so much for your quick response Sponge.

BoB
For the duration of Swen, my address is inoperative.