Posted on Friday February 21, 2020
Scammers have found a way to exploit vulnerabilities in VoIP (Voice over Internet Protocol) via a scam called vishing. This scam works much like any phishing attack: a scammer purports to be a legitimate entity and asks the potential victim to provide sensitive information. Learn how vishers operate.More cybercriminals are launching vishing scams because it's easy for them to hide their tracks and the risk of getting detected is minimal.
Using a fake number, scammers can contact your employees, pretend to be a representative of a bank or government agency, ask for sensitive information - such as salary information, account numbers, and company intellectual property - and get away with it. Scammers can also manipulate local numbers to emulate multinational banks, which they will then use for various VoIP scams.
It isn't difficult to configure a VoIP system, which makes it easy to make fraudulent phone calls or messages. Scammers only need to know the basics of a VoIP setup.
VoIP hardware such as IP-PBXs, IP phones, and routers are also inexpensive and quite easy to access. Hackers can conveniently connect these equipment to PCs to record phone calls and steal information from conversations.
Additionally, fake numbers are difficult to track because they can be ditched at any time. And with advanced voice-changing software widely available nowadays, a vishing scam is much easier to pull off.
In some vishing scams, attackers don't even have to terminate a number to cover their tracks. Instead, they can trick users into thinking that they're talking to a legitimate Microsoft technical support staff, a PayPal representative, or a fraud investigator simply by tampering with the caller ID.
Traditional phones are still used for phishing scams, but they don't compare to the efficiency that VoIP affords, which allows attackers to target victims all over the globe at a fraction of the cost. Cybercriminals resort to VoIP scamming because the price per call is much lower. Vishing scammers are sneaky and resourceful, and they will exhaust all possible means to attack your systems for profit - and that includes your VoIP channels.
To protect against VoIP-based scams, set stringent policies on information sharing and impose strict security processes for all business communications. Informed and aware employees are key to making sure that scammers are held at bay. Protect your company against all types of scams by getting in touch with our experts today.