Dialers attempt to close one telephone connection (the one used for Internet access) and open a new one using premium-rate tariff.

How do dialers work?

A spyware dialer is a malicious program that is installed on a computer and tries to use the dialing features to call other numbers, often running up expensive phone bills for the victim. A dialer is unlike other types of spyware, though it is sometimes included with free software-type downloads.

They are difficult threats to detect however, and it is not easy to prove that the dialer has been responsible for running up telephone bills. Similarly, it is difficult to distinguish between a legitimate dialer and a spyware one, something that makes this type of infection hard to identify. Spyware dialers are however easy to eliminate once the file where it resides has been identified.


Legal and illegal dialers

The term dialer is also used to refer to any electronic device that connects to a phone line to monitor the numbers dialed, altering them to provide services that would otherwise require long national or international dialing codes. Dialers automatically add and edit numbers depending on the time of day, the country or the area code, enabling users to call via the service provider with the best rates.

Recently, the term dialer or autodialer has been used to refer specifically to those that have been created to fraudulently make connections without the user fully realizing the cost.


Distribution and effects

Dialers can reach your computer in two different ways:

  • Through Web pages, either by asking you to install a file required to access the page contents (it could be hidden among other files), or simply clicking a banner.
  • Installing free programs (shareware, freeware) downloaded from the Internet, where the license does not inform the user about the installation of a dialer.

Typical effects of dialers include changing the home page of browsers to reroute the connection as soon as it opens. They add icons to the desktop and the browser toolbar on the compromised computer.


How to identify malicious dialers

  • Without notification, the dialer is installed as the default connection.
  • The dialer creates unwanted connections by itself and without user interaction.
  • The dialer doesn't warn of the cost of calls before dialing.
  • They normally open a pop-up download window when opening a Web page.
  • The Web page makes little or no reference to the cost.
  • The high charges of the call are not displayed during the connection.
  • The dialer cannot be uninstalled easily, other than with specific security or uninstallation programs.
  • The download continues even if you click the cancel button.