Meet the Dark
Side of Internet Telephony
By: Eric
Durrand
Internet
Telephony, or VoIP (Voice
over Internet Protocol), is quickly replacing traditional telephony, as
more
small businesses and home users opt to use their broadband connections
for
phone communication. The number of VoIP phone lines in the US has grown
from
1.8 million in 2002, to 9.9 million in 2005, and is projected to go up
to 26
million by 2008, according to a research by the Telecommunications
Industry
Association (TIA). Providers like Cablevision, Vonage and others turn
VoIP to a
reality for many, providing quality telephone services for a fraction
of the
cost, or sometimes for a fixed price.
But not all
bodes well for early
adopters making the transition into Internet Telephony. As prices of
calls
plummet, spammers who are used to send millions of junk messages over
E-Mail
for free, start eyeing the new medium, dreaming of the potential to one
day be
able to make millions of pre-recorded commercial calls! Experts call
this new
threat SPIT: Spam over Internet Telephony, and unlike regular E-Mail
spam,
there is currently no simple filtering solution.
Qovia, a
telecom company based in
Frederick, Maryland, ran a simulation showing how a single PC can make
1,000
calls a minute using VoIP. In VoIP networks with unlimited calling or
“peering”, where there is no financial penalty for making thousands of
calls, a
spammer (or, rather, SPITer) might find it profitable to make infinite
calls even
with a very small percentage of response.
Another
threat involving VoIP is
dubbed Vishing, a paraphrase of Phishing, a common type of E-Mail
fraud. In an
ingenious fraud perpetrated recently for the first time, individuals
got a scam
call from what appeared to be the number of a respected financial
institution, and
told that their credit card had been used illegally. They were then
asked to
call a fake 1-800- number, and when they did an automated system
collected
their credit card details and promised to take care of the problem. In
fact,
the numbers went into the criminal’s database of stolen credit cards,
which
they could later use to empty their victim’s account.
Denial of
Service attacks (DoS),
is a final scary scenario to consider. If SPIT spammers can make a
thousand
calls a minute using a single PC dialing to different locations, what
can they
do if they keep calling the same number? The answer:
temporarily take
down the phone line which, in the case of a small business, could mean
considerable loss of income.
As with any
new medium of
communications, VoIP too will inevitably be abused by those who seek to
profit at
the expense of others. The solution, as always, is not to avoid new
technologies, but to embrace them with open eyes and stay wary of the
risks
involved. As certain nuisances become more acute, various solutions
will
undoubtedly be developed to fight them. We’ll keep you up to date with
what you
need to know.
|
