Warning: Creating default object from empty value in /home/ict-forward/www-apps/wp-svn/wp-includes/ms-load.php on line 138
Security Risks When Using VoIP « The FORWARD project blog

Security Risks When Using VoIP

Identity and service theft
VoIP services can be phreaked. Phreaking is a type of hacking that steals or uses a service from a service provider on the expenditure of another person. Session initiation protocol (SIP) – an authentication method over VoIP calls, does not commonly use encryption, which results in VoIP services being phreaked.
Hackers steal user names, passwords and phone numbers through eavesdropping to take control over voicemail, billing information and call forwarding. The hackers do not always do this to gain access to a free service, but also to get important information like business data and other sensitive information.
It is another name for VoIP phishing, which involves someone calling you pretending to be a trustworthy organization (e.g. your bank) and requesting personal and sensitive information such as account number, credit card details, etc. The criminals who might phone you already have some information about you, which creates a false sense of security and consequently you give them more sensitive information.
Call tampering
Voice calls can be tampered by the attacker, who can simply flub the quality of the call by injecting noise in the communication stream. The voice call participants can meet long periods of silence during the call when the attacker withholds the transfer of packets.
Viruses and malware
VoIP equipment such as soft phones is vulnerable to malware just like any other internet application. The soft phone application runs on a user system (i.e. PC and PDA) and is easily exposed to malicious code attacks.
DoS (Denial of Service)
VoIP can suffer from DoS (Denial of Service) attacks. It is often achieved by overloading the network, device or consuming all available bandwidth. VoIP calls can be dropped untimely by also flooding the target with unnecessary SIP call-signaling messages, which results in halting of call processing.
SPIT (Spamming over Internet Telephony)
Spamming in VoIP has not become very common as yet but is beginning to be, soon. Like those emails we often receive consisting of online promotion, sales calls, now these messages are also going to VoIP voicemails. Since every VoIP account has an associated IP address, it becomes very easy for spammers to send their voice messages to numerous random IP addresses, which results in voicemails clogging. Spam messages sent to VoIP accounts can also carry malware and spyware with them.

Tags: ,

Leave a Reply