Site hosted by Angelfire.com: Build your free website today!



The EXE File & Dialer Scam

An increasingly common practice is that of an adult website sending you an EXE file. An EXE file is an application, that 'executes' instructions. An EXE file can be useful (e.g. spreadsheets, games, word processors) or it can be nasty or destructive (e.g. viruses, worms, trojans)


There are different methods for a suspicious website to download an EXE file to you. These are the most popular two:

1/ Initiated by you clicking on a blind link, or clicking on a link that promises 'Thousands of Movies, No credit card needed!' or 'Unique Adult Search Software!' among other claims

or

2/ By automatically preparing your system for download by bringing up the default 'File Download' dialog box, or your chosen file download manager's dialog box, and giving the EXE file an enticing name like SEX.EXE or FREEDOWNLOAD.EXE. (** Although I'm not aware of any, it's possible that there are file download managers in use that can be set up to automatically commence the download without asking your permission, and far more dangerously, to actually open the file automatically when the download completes)

Assuming though that you have elected to click 'Yes' and proceed with the download, and then opened the file once the download is complete, you should be aware that your system, theoretically, is now at the complete mercy of the person who programmed the EXE file. Any malicious programmer or webmaster could do any of the following:

1/ The most likely consequence will be that your browser will be automatically configured so that your default dial-up ISP is changed to an overseas or 1-900 number. The massive charges (up to US$7 per MINUTE!) for adult material available for far less elsewhere is nothing less than a major scam. Consider that the cost of one hour's use of a dialer could buy over a year's membership at a quality paysite!

2/ Plant a Trojan. There are sophisticated Trojan programs such as SubSeven, Back Orifice, and Netbus freely available which allow someone to remotely take control of your computer while you are connected to the Net and do with it as they please (view/copy/delete files, steal passwords, etc). Some of these can even bypass some personal firewalls. Click here for more on trojans.

3/ Plant a virus or worm.
  

The lesson here is NEVER download or open an EXE file from the Net unless you are ABSOLUTELY certain of the legitimacy of the website. Even then there is no guarantee of security - there is a report of a program that claimed to be a useful utility that was uploaded to a popular shareware website, which was later discovered to be a disguised version of the Netbus Trojan.


Footnote 1- At least one scamming free adult webspace provider will substitute a group of JPG or movie files that you try to download using a download manager (e.g. GoZilla, NetAnts) with their dialer EXE files. If you see a group of similar sized EXE files in a folder where you expected JPG or movie files then DELETE THESE EXE FILES, DO NOT OPEN THEM! Notify the webmaster that his host is a scammer.

Footnote 2- Some dialers and so-called adult 'Browser Enhancements' which have downloaded and installed themselves in Internet Explorer as ActiveX controls may show up by this method:

1/ Select Tools -> Internet Options -> Settings -> View Objects

2/ Select View -> Details

3/ Double click each item in the Program File column. Be suspicious if you see the word 'dialer' in one of the fields of the General tab, or if there are very few or no details in the fields of the Version tab.  
For details on deleting an ActiveX control, click here

 

UPDATE - See the section 'A new nasty scam uncovered' for details on a dangerous scam that can download and open a dialer's EXE file on your system using ActiveX, without your permission.
 

Some horror stories involving dialers can be found here