Wow. Check this out. A hacker (it is pretty generous to call them that), found some signatures on the Internet and used them to force wire transfer requests with FAXs. The article doesn't mention anything "fancy" like spoofing caller ID, just forged FAXs. I am amazed these went through.
Not really VoIP Security per se, but an attack through voice and faxes.