Saturday, January 06, 2007

Voice over IP under threat

Let's imagine a scenario that could become commonplace in the near future: A user has an IP telephony system on his computer (both at home and at work). In his address book on the computer there is an entry, under the name “Bank”, with the number 123-45-67. Now, a hacker launches a mass-mailing attack on thousands or millions of email addresses using code that simply enters users’ address books and modifies any entry under the name “Bank” to 987-65-43. The problem has now been created.

If any of these users receives a message saying that there is a problem in their account, and asking them to call their bank (a typical phishing strategy), they may not be suspicious, as they are not clicking on a link in an email (as they have been advised not to do to avoid this type of fraud) nor calling a number in the email (another typical ploy). If they use their VoIP system to call the ‘bank’, they will be calling the modified number, where a friendly automated system will record all their details.

Read more HERE.


Post a Comment

Links to this post:

Create a Link

<< Home