Science & Technology: Charles Arthur On Technology

Tthere's a scam that has probably cost thousands of Britons sums totalling millions of pounds this year alone. And you could be among them without even knowing it.

The scam? Dialling software that downloads itself silently from the internet to your computer - perhaps via a pop-up window, web link or "software required to view our site" (and you thought it was image- processing code, didn't you?) and resets your connection settings to dial a premium-rate number. Then it silently disconnects from your ISP and calls the expensive number. That will cost you up to pounds 1.50 a minute instead of 1p a minute or free. Do that for a couple of hours, and you'll have run up a phone bill of pounds 180. And, if that happens each time you log on, the bill can quickly run into thousands of pounds.

You're not necessarily safe on broadband; many such users have a modem connected to the phone in case the high-speed connection dies, and the dialler will dial the premium number just the same. The only safe people are users of Apple machines or the Linux operating system: the diallers target Windows users because there are so many more of them. As so often in computing, being in a minority can be an advantage.

Most vulnerable to the scam are those using Microsoft's Internet Explorer, which doesn't have any blocks on the pop-up windows used to download the really sneaky versions of these programs. It's when you close the pop-up that the download begins. Often they'll take advantage of security holes in Explorer to install themselves; it's as bad as a virus.

The extent of such scams became apparent last week when Icstis, which regulates premium-rate lines, said it had taken powers to regulate anyone offering such software. Why? Because of a tsunami of complaints since the beginning of the year: Icstis is dealing with more than 10,000 complaints a week from people who discovered these unwanted extras on their bills.

Icstis took action last week with two big fines: one for pounds 50,000 against a company called DD Com, based in Liechtenstein; and one for pounds 75,000 against Edvan, based in Florida. But it's clear that dozens of companies have been ripping off British customers. There's a long list of the diallers' numbers (some legal, some "rogue") at http:// www.icstis.org.uk/icstis2002/ default.asp?Node=67#8.

Such diallers can be legitimate. Sites with premium content often mean pornography, but they can also mean TV, ringtone or special- interest areas. Several of the numbers listed are for TV shows such as I'm A Celebrity... Get Me Out Of Here!. Often, if you press the red button on your interactive TV, you'll be connected to one of those numbers. Icstis rates them legal if they make it clear how they work and how much they cost, and if they cut off after a certain cost level.

But plenty weren't legit. Often they took advantage of flaws in Explorer. Because it's the default browser on Windows, it's used by the least experienced, who are most liable not to take security measures.

So how can you check if one of these is lurking on your machine? Check your Internet settings (in the Control Panels area, from the Start menu). See whether the number being dialled there is the right one for your internet provider, which will start with 0845 or 0800 - or whether it starts with "090", the premium-line prefix.

If you've been hit, you'll need to check your phone bill - and probably previous ones too. Sometimes the diallers work by tripping in and out so that the amounts rung up are comparatively small - a few pounds, say. Steal a few pounds from thousands of people and it all adds up.

Removing the programs may be frustrating. It's hard to suggest how to do this for all diallers, as they vary in venom. But Ad-Aware and Spybot, both free downloads, should be able to detect most of them. Look, too, in the Task Manager (press Ctrl-Alt-Delete) for processes with odd names.

You can also get your phone company to block premium numbers: BT does this for free. And BT said last month that it would proactively block any premium-rate numbers it suspected were used by rogue diallers. "BT wants to show its 19,000 customers affected by dialler problems that it does not want to profit from a penny of the revenue being generated when people install the dialler software on their computers either inadvertently or without realising how much it would cost them," BT said.

So is this an example of moral good being put ahead of commercial gain? Not quite: BT said that for every pounds 100 charged to the scammed customer, it gets just pounds 1.85. Still, its action is good news.

You might wonder why Icstis took so long to act. "The problem has been building for three or four months," said Rob Dwight, a spokesman. "Now it's come to a head. We've spent two weeks speaking to the Department of Trade and Industry saying that we want permission to regulate these. The problem is that... we can't regulate the content of the sites. But we realised that we can regulate the software."