Internet phone systems become the fraudster's tool.
Cybercriminals have found a new launching pad for their scams: the phone systems of small and midsized businesses across the United States United States, officially United States of America, republic (2005 est. pop. 295,734,000), 3,539,227 sq mi (9,166,598 sq km), North America. The United States is the world's third largest country in population and the fourth largest country in area. . <p>In recent weeks, they have hacked into dozens of telephone systems across the country, using them as a way to contact unsuspecting bank customers and trick them into divulging their bank account numbers and passwords. <p>The victims typically bank with smaller regional institutions, which typically have fewer resources to detect scams. Scammers hack into phone systems and then call victims, playing prerecorded pre·re·cord
tr.v. pre·re·cord·ed, pre·re·cord·ing, pre·re·cords
To record (a television program, for example) at an earlier time for later presentation or use.
Adj. 1. messages that say there has been a billing error or warn them that the bank account has been suspended because of suspicious activity. If the worried customer enters his account number and ATM password, the bad guys use that information to make fake debit cards and empty their victim's bank accounts. <p>Hackers made headlines for breaking into phone company systems more than 20 years ago -- a practice that was known as phreaking (jargon) phreaking - /freek'ing/ "phone phreak" 1. The art and science of cracking the telephone network so as, for example, to make free long-distance calls.
2. By extension, security-cracking in any other context (especially, but not exclusively, on communications -- but as the traditional telephone system has become integrated with the Internet, it's creating new opportunities for fraud that are only just beginning to be understood. <p>VoIP hacking is "a new frontier New Frontier
President John F. Kennedy’s legislative program, encompassing such areas as civil rights, the economy, and foreign relations. [Am. Hist.: WB, K:212]
See : Aid, Governmental in the crossover world of telecom and cyber (1) From "cybernetics," it is a prefix attached to everyday words to add a computer, electronic or online connotation. The term is similar to "virtual," but the latter is used more frequently. See virtual. [crime]," said Erez Liebermann, assistant U.S. attorney for the district of New Jersey. "It is an ongoing threat and a serious threat that companies need to be worried about." <p>Attacks on one of the most popular VoIP systems, called Asterisk, are now "endemic," said John Todd John Todd is the name of:
- John Todd (Virginia) (1750-1782), early Virginia official, Kentucky soldier, and grand-uncle of Mary Todd Lincoln
- John Blair Smith Todd (1814-1872), delegate to US Congress from Dakota Territory
Under the Radar is an American magazine that bills itself as "The solution to music pollution." It features interviews with accompanying photo-shoots. , because they often target smaller regional banks rather than high-profile national institutions. The scammers move from bank to bank each week after completing their campaigns. <p>According to according to
1. As stated or indicated by; on the authority of: according to historians.
2. In keeping with: according to instructions.
3. Liberty Bank, other regional institutions have also been hit with vishing attacks from hacked VoIP systems in recent weeks. <p>Liberty did not name the other banks involved, but in recent weeks, Union State Bank and Solvay Bank have reported similar scams. <p>Lewis was lucky that he didn't get hit with major phone charges. Depending on how their systems are configured, businesses can be held responsible for any phone charges -- international call charges, for example -- that arise from the incident. <p>"If someone starts abusing your telephone system, you are potentially on the hook Adj. 1. on the hook - caught in a difficult or dangerous situation; "there I was back on the hook"
dangerous, unsafe - involving or causing danger or risk; liable to hurt or harm; "a dangerous criminal"; "a dangerous bridge"; "unemployment reached dangerous for a lot of money," Digium's Todd said.<p>Liberty Bank First Vice President Jill Hitchman believes that the scammers who targeted her bank probably hit between 30 and 35 businesses and were making between 20,000 and 30,000 phone calls per day. "I don't think these companies realize they're probably going to be getting charges," Hitchman said. "The bigger issue is, how are these phone systems being accessed and why can't we stop it?" <p>Only a few Liberty customers fell for the scam, Hitchman said, but the attackers knew what they were doing. First they would sign up for AOL (A division of Time Warner, Inc., New York, NY, www.aol.com) The world's largest online information service with access to the Internet, e-mail, chat rooms and a variety of databases and services. accounts, to test that the card numbers worked. Because AOL offers free trial memberships, these charges do not show up for months. By that time, the scammers have put the information on fake ATM cards and emptied the bank accounts. <p>Businesses could prevent a lot of these attacks by changing the port they use for Session Initiation Protocol (protocol) Session Initiation Protocol - (SIP) A very simple text-based application-layer control protocol. It creates, modifies, and terminates sessions with one or more participants. Such sessions include Internet telephony and multimedia conferences.
It is described in RFC 2543. (SIP) connections on their VoIP systems, by blocking connections after a certain number of failures, and by simply using better passwords on their voice systems, security experts say. <p>The problem is that for most small and midsized businesses, security is just not a priority. "People care way more about whether their conference calls are going to have decent phone quality," said Rodney Thayer, CTO (Chief Technical Officer) The executive responsible for the technical direction of an organization. See CIO and salary survey. with VoIP security company Secorix. <p>They don't think about their VoIP systems as vulnerable to Internet attacks just like Web or e-mail servers, and that's a mistake, Thayer said. "They think about it as a different system, and it's not," he said. "It's all the same stuff; it's all data going over a network." <p>Copyright 2009 IDG IDG International Data Group
IDG Integrated Drive Generator
IDG Installation Design Guide
IDG Internet Discussion Group
IDG Inset Dielectric Guide
IDG International Dangerous Goods (mail, shipping) Middle East. All rights reserved.
Provided by Syndigate.info an Albawaba.com company
|Printer friendly Cite/link Email Feedback|
|Publication:||Network World Middle East|
|Date:||Nov 1, 2009|
|Previous Article:||China claims supercomputer among world's fastest.|
|Next Article:||Twitter Lists rolled out to masses.|