subject: VoIP Phishing – 3 Easy Steps to Avoid Being a Victim of Vishing [print this page] VoIP Phishing 3 Easy Steps to Avoid Being a Victim of Vishing
Ever heard of VoIP Phishing? Yes, that is the mode of phishing attacks by hackers! Believe it or not, VoIP has made telecommunication very affordable but at the same it has made users more vulnerable to VoIP Phishing or Vishing (as it is popularly known). Fear not, there are ways to avoid being a victim of vishing.
Phishing is any type of personal data obtained by surreptitious means. Here a hacker will either send an email or voicemail making it appear like a genuine message from an authorized person or organization - either from a bank or an online financial account like Ebay auction site, PayPal or Western Union. This message will request your personal information like account userid and password and thus the hacker will harm you.
An example of phishing on the phone would be - you receive a voicemail from your internet bank stating that someone has hacked into your account and it requires you to call a certain number and verify your userid, password and also the secret security questions. The voicemail is really not from your internet bank but it is made to believe so. Typically, users panic when they hear such voicemails and forget to analyze the situation and think rationally. They immediately call the number stated in the voicemail and give out all the details. Thus they become victims of phishing!
Why is it easier to hack with VoIP rather than PSTN?
Let us examine how VoIP makes it easier for hacker and why didn't hackers attack the PSTN (Public switched telephone network or the traditional landline telephone)?
* With VoIP, hackers can tamper with the caller ID and make the caller's number appear like it came from your bank. It is much easier to tamper the caller number with VoIP when compared to PSTN.
* With VoIP, any mediocre programmer can call potential victim's number without compromising his / her identity. i.e., it is easier for the hacker to mask himself / herself.
* VoIP phone numbers can be quickly generated and destroyed before the authorities can trace the hackers.
* With VoIP, a hacker can simulate an international call using a virtual phone number and then call local numbers for phishing purposes.
* All VoIP hardware like IP phones and routers have become very affordable and can be moved anywhere and used. This makes it easier for hackers to move around and not get caught.
In general, the VoIP system makes it easier for the hacker to mask his / her identity. PSTN is the most secure system where the hacker has to be an expert to mask his or her identity.
Four Steps to Avoid being a VoIP Phishing Victim
1. Never give out any personal information to an automated telephone system. Usually, the hacker's voicemail will make it appear that it came from your internet bank and request you to call a phone number wherein you will be received by an automated phone system asking you to enter your password, social security number and other personal details. If you receive such a voicemail, call the number listed on your bank's website (instead of the one stated in the voicemail) to verify the information in your voicemail or just walk up to your bank office location and let them know about the voicemail.
2. Use anti-phishing software along with your PBX, which will filter out all the suspicious calls.
3. Create awareness among your friends, relatives and coworkers about VoIP phishing. This step itself can prevent and discourage hackers in a very significant way.
VoIP is one of the greatest inventions that provide very affordable long distance communication for individual users, small businesses and large corporations. With some awareness and creating awareness about VoIP phishing or vishing, you can avoid being a victim and also prevent others from being victims.
