VoIP: A New Era in Threats, Part 22

In our previous post we introduced VoIP as well as threats categorized as Eavesdropping and Social Threats. In this post we continue the discussion of phishing and spoofing threats to VoIP users and service providers. Specifically we will cover threats categorized as Interception and Modification as well as Service abuse.

Interception and Modification

Threats in this category describe attacks as the attacker ntercepting and modifying the traffic between two or more endpoints. These attacks are also known as Man in the Middle (MitM) attacks.

Call Rerouting: In call rerouting the attacker changes the call direction from one or more endpoints by altering the routing information in the protocol message. Reasons for rerouting are to either include illegitimate notes into a communication or exclude legitimate ones. 

Alteration: Alteration, as the name applies, refers to any unauthorized changing of communication. The attacker will alter some or all of the communication between endpoints in order to misrepresent identity, or deliver undesired information. These attacks can be extremely dangerous for the users as in many cases, the users think they are talking to a trusted person and may give up critical information to the attacker. 

Conversation Impersonation and Hijacking: Conversation impersonation and hijacking includes any modification of a communication in order to impersonate a trusted user or hijack the traffic completely.

False Caller Identification: False caller identification is a threat where the attacker calls a user and manages to signal untrue identity. An example of false caller identification could be that an attacker represents a bank employee and asks for a PIN or any other critical information that allows for access to confidential information or bank accounts. The victim may be more likely to give out this information if he sees the bank’s phone number calling him.

Service abuse

Service abuse covers threats regarding any kind of fraudulent activity as it relates to VoIP.  

Premium Rate Service Fraud: Premium rate service fraud is the act of deceiving someone to call a premium rate number without offering some reward or service for the process. Premium rate numbers bear higher calling cost as portion of the fee goes to the owner of the number. Fraudsters have many ways of enticing users to call these numbers and one popular way is by false advertisement. 

Improper Bypass or Adjustment to Billing: This threat describes any unlawful method to avoid service charges or bills. 

We have covered multiple threats to VoIP in this blog post as well as in our previous one. These threats are only a fraction of potential threats out there. It is therefore clear that VoIP introduces many new problems to both users as well as service providers. These problems have to be mitigated in order to satisfy the market need. Stay tuned for blog post number three in this three series blog were we cover some of the countermeasures available to mitigate against these threats as well as concluding this series.