Article on Telecom/Toll Fraud in 2011

Here is an article summarizing telecom/toll fraud in 2011:

http://www.channelpartnersonline.com/blogs/peertopeer/2011/12/2011-s-biggest-frauds-and-phreaks.aspx

 

Caller ID Spoofing Used for Voice Phising (Vishing) Attacks

Here is an article describing how caller ID spoofing is being used for voice phising (they call it vishing) attacks. The basic idea is the hacker sets up an automatic dialing operation (robo dialing) and calls 1000's of consumers, using a bank's caller ID. The caller ID to use isn't hard to figure out, an bank's contact center 1-800 number should do just fine. This is easily tested - make a call with this number to any phone you control and verify that it comes up correctly.

A sophisticated hacker may have a list of numbers they know use the bank they are spoofing. If this information isn't available (it probably isn't), the hacker can just call random numbers, sooner or later they will find a consumer who uses the bank whose caller ID they are spoofing and also one that will be fooled.

There are no details in the article, but I assume since it appears that the calls are automatically generated, that the hacker plays a message that attempts to trick the consumer into calling back a number they have set up, which a human answers, who in turn attempts to get personal information from the consumer. This could also be automated, but that is a little harder - you would have to build a mini-IVR, with legitimate sounding bank prompts and so on.

http://www.darkreading.com/smb-security/167901073/security/vulnerabilities/232700095/fake-caller-id-attacks-on-the-rise.html 

 

Another Toll Fraud Attack

Here is a link to yet another example of toll fraud. No details about the attack were given. They mentioned a TDM system, rather than VoIP. Toll fraud can of course occur with both types of systems, although as I have said before, VoIP creates additional vectors of attack.

http://www.scmagazine.com.au/News/294797,1000-scam-calls-hit-wa-business.aspx

Also, while I was poking around SC magazines website, I found the following article from last year:

http://www.scmagazine.com.au/News/257265,auscert-cisco-ip-phones-prone-to-hackers.aspx

 

Another Article on Toll Fraud - VoIP Security Issue with Gateways

Here is yet another article describing a toll fraud attack. The amount was $30,000. The attack was enabled through a non-secure media gateway, where VoIP call were made on the LAN, inside the network, and converted to toll calls on TDM trunks (most likely PRIs). This isn't really a vulnerability of the gateways, rather a case of not changing default configuration.

http://www.computerworld.com/s/article/9224108/Security_Manager_s_Journal_Hackers_Call_Home_on_Our_Dime  

 

Hacker Gets Time for Payphone Fraud Scheme

See the following article. The hacker programmed payphones he owned to robo-dial (automatically dial) 1-800 numbers, which generated revenue.

http://www.loansafe.org/man-from-maryland-sentenced-for-4-million-payphone-fraud-scheme

 

 

 

New York Times Article About Toll Fraud Being Used to Fund Terrorists

Here is an article in the New York Times that describes how toll fraud is being used to fund terrorist activities:

http://www.nytimes.com/2011/11/27/world/asia/4-in-philippines-accused-of-hacking-us-phones-to-aid-terrorists.html?_r=2

 

VoIP Security Toll Fraud Issue Reported at Astricon

Here is a link to a short video from the recent Astricon Asterisk conference, where a $400,000 toll fraud attack was discussed. The basic idea is that the hackers break into the Asterisk voice mail system and use it to make toll calls. Here is the link:

http://blog.tmcnet.com/blog/tom-keating/asterisk/astricon-voip-security---400000-fraud---yikes.asp

New Articles on Toll Fraud

I created a separate list of the articles on toll fraud. They were buried in the long list of general articles. You can find this list to the right of the blog.

Voice and Unified Communications: State of Voice Security Webinar

The webinar we did on our Voice and Unfied Communications: State of Voice Security Webinar is available online. Sorry, you still have to register. Here is the link:

https://event.on24.com/eventRegistration/EventLobbyServlet?target=registration.jsp&eventid=299143&sessionid=1&key=1D85F3B3947BA08EE7CBE695FAD8983D&partnerref=ecweb&sourcepage=register

 

 

Man Sentenced to 7 Years for Long Distance Abuse Attack

Here is a link to an article about a man who was sentenced to 7 years, for installing software on PCs and using modems to dial premium rate numbers. Apparently this went on for a long time and generated millions of revenue for the attacker. This is a form of toll fraud/long distance abuse, that could probably go on unnoticed in many enterprises, as long as the attacker didn't get too greedy/generate too many calls.

http://www.pcworld.com/businesscenter/article/221108/man_gets_7_years_for_forcing_modems_to_call_premium_numbers.html

This certainly highlights the need for voice firewalls on connections to the public voice network.