The Australian Communications and Media Authority is planning to impose harsh penalties on support desk scammers. (Hat tip to Andrew Hayter for drawing my attention to that item.)

According to chairman Chris Chapman, nearly half of all the complaints they've received about calls to numbers on the Do Not Call Register have been about cold-calling scam calls of this type. So they aim to impose penalties of up to $110,000 AUS on telemarketers offering online virus removal and technical support.

As you may have guessed from my frequent blogs on this stuff, I would love to hit the time-wasters and fraudsters who keep ringing me up with a haymaker to the bottom line. And in theory, it's an approach that could work in the UK, where I live, too. Or anywhere where there is an equivalent to the Do Not Call Register, including the US.

Incidentally, I'm indebted to Mary Landesman for informing me that there is indeed a size problem in the US with what she refers to as ammyy.com scams (named after the Remote Access Software that they seem to be favouring nowadays to get a foothold on the victim's PC). I always thought there must be a problem there, but never seem to see any reference to it. That turns out to be because Mary is doing her usual sterling job of sorting them all out. :)

Unfortunately, there's a problem with imposing fines on those who don't honour these opt-out lists. In my experience (and I've had a lot of these calls, notwithstanding my subscription to the UK equivalent of the National Do Not Call Registry), most of the offenders are calling from call centres in India, even though they may seem to be using a local number (almost invariably somewhere around Kolkata). Even if you can get details of who and exactly where they are, trying to impose fines on transgressors on another continent is unlikely to work out well.

We have previously addressed some of the legal issues around opting out of being cold-called (and many other issues, of course) in a paper on this type of scam available on the white papers page.

David Harley CITP FBCS CISSP
ESET Senior Research Fellow