SPam over Internet Telephony threat grows

According to a report in the Guardian, hackers are increasingly targeting VoIP services, such as Skype, with SPam over Internet Telephony (spit) attacks.

Ironically, hackers have attacked the VoIP system at Columbia University, where Henning Schulzrinne is professor of computer science. Professor Schulzrinne was the co-author of the protocol that VoIP runs on – session initiation protocol (SIP).

SIP is used by most VoIP services, with the notable exception of Skype.

The attack left unsolicited marketing messages on multiple phone extensions at the university.

Professor Schulzrinne supports the view that VoIP is becoming a major target for spammers, especially with filters becoming more effective at blocking email spam.

Spit attacks have the potential to be more disruptive than email spam, because the larger size of voice files can soon seriously slow down networks.

David Endler, director of security research at TippingPoint, warns that voice phishing, or “vishing”, could soon start to increase in frequency.

Hackers could leave a bogus voicemail message from a bank, asking the phone owner to call in to a false number.

They would then be asked to reveal security details or enter a passcode on the phone keypad, which would give a hacker their identity.

Story link: SPam over Internet Telephony threat grows