AOH :: IS1457.HTM

Criminals using VoIP system for phone scam

Criminals using VoIP system for phone scam
Criminals using VoIP system for phone scam 

By Robert McMillan
IDG news service
08 December 2008

Criminals are taking advantage of a bug in the Asterisk Internet 
telephony system that lets them pump out thousands of scam phone calls 
in an hour, the FBI has warned

The FBI didn't say which versions of Asterisk were vulnerable to the 
bug, but it advised users to upgrade to the latest version of the 
software. Asterisk is an open-source product that lets users turn a 
Linux computer into a VoIP phone exchange.

In so-called vishing attacks, scammers usually use a VoIP system to set 
up a phony call centre and then use phishing mails to trick victims into 
calling the center. Once there, they are prompted to give private 
information. But in the scam described by the FBI, they apparently are 
taking over legitimate Asterisk systems in order to directly dial 

"Early versions of the Asterisk software are known to have a 
vulnerability," the FBI said in an advisory [1] posted on the Internet 
Crime Complaint Center. "The vulnerability can be exploited by cyber 
criminals to use the system as an auto dialer, generating thousands of 
vishing telephone calls to consumers within one hour."



Help with a donation! 

Site design & layout copyright © 1986-2014 CodeGods