VoIP phishing: how scammers do it

August 21st, 2017
VoIP phishing: how scammers do it

Although many companies still use traditional phones, an increasing number rely on VoIP’s (Voice over Internet Protocol) multi-functionality, which allows employees to make voice calls, conduct video-conferences, and chat. Although many scammers send fraudulent emails to extort money or steal data from businesses, new ‘vishing’ campaigns are proving to be a more efficient way to scam.

VoIP makes it easy to create fake numbers

One of the main reasons why vishing scams are on the rise is the ease by which cyber criminals can hide their tracks and pull off scams with minimal risk of detection.

Using a fake number, they can call one of your employees, pretend to be a bank or government representative, ask for critical business information -- like employee data, bank details, and company intellectual property -- and get away with it. Scammers can also manipulate local numbers to emulate multinational banks, which they will then use for various VoIP scams.

VoIP is easy to set up and difficult to track

Cyber criminals don’t have to be geniuses to configure VoIP deployments, make personal or automated phone calls, and run away with your money and data. They only need to know the basics of a VoIP setup.

VoIP hardware such as IP-PBXs, IP phones, and routers have become affordable and more accessible. Hackers can conveniently connect this equipment to PCs for the purposes of recording phone calls and stealing information from conversations.

Also, fake numbers are difficult to track because they can be destroyed instantly. And with advanced voice-changing software widely available nowadays, a vishing scam is much easier to pull off.

Caller ID can be tampered with

In some vishing scams, attackers don’t even have to destroy a number to cover their tracks. Instead, by tampering with the caller ID, they can trick users into thinking that they’re talking to a legitimate Microsoft technical support staff, a PayPal representative, or a fraud investigator.

VoIP scamming is cost-efficient

Traditional phones are still used for phishing scams, but they don’t compare to the efficiency VoIP affords, which allows attackers to target victims all over the globe at a fraction of the cost.

Other than traditional phones and email phishing scams, cyber criminals are resorting to VoIP scamming due to its cost-efficiency. Vishing scammers are sneaky and resourceful, and they will exhaust all possible means to attack your systems for profit -- that includes your VoIP channels.

Protecting yourself is simple

To protect against VoIP-based scams and ensure your employees aren’t easy targets, set stringent policies on information-sharing and impose strict security processes for all business communications. Protect your company against all types of scams by getting in touch with our experts today.

Published with permission from TechAdvisory.org. Source.