Category Archives: Tech In Your Business

VoIP Phishing: What It Is and How It Works

VoIP (Voice-over Internet Protocol) phishing, also known as “vishing,” is an electronic tactic that tricks individuals into revealing critical personal or financial information to unauthorized entities. This type of technological attack has become infamous among data thieves as it is seen to be a much easier form of data theft. Despite the technology awareness we have today, there are still a significant bunch of users who fall into this trap.


How It Works

VoIP phising works by sending a prospect victim an email or a voice mail that seem to look like an official message from a legit company, such as PayPal, eBay, etc. The email, which was sent by data thieves, contains a message about a problem in your account and will then request you to call a number or go to a website where you’ll have to provide your personal data, such as passwords, security codes, and credit card number, to find solution to the alarming problem.

Many users believe and get tricked so easily that they immediately give their private information, which are then used to make purchases or clone credit cards, to the unauthorized entities.

VoIP and Phishing

Before VoIP Singapore became popular, phishing tactics were done through spam messages and Public Switched Telephone Network (PSTN) landline phones. Unlike a cloud PABX phone solution from Singapore, since the integration of Voice-over IP in many offices and homes, attackers found a more convenient way to lure victims through phone calls, making prospects more accessible as not everyone have email accounts.

But why data thieves did not use phone communication with PSTN before as much as they use voice-over IP today? Most likely, it is because PSTN is the safest way of telecommunication, with its highly secured network and communication system. In other words, voice-over IP is much more vulnerable than PSTN.

How Voice-Over IP Makes Phishing Much Easier

There are several reasons why attackers find more convenience using VoIP Singapore than PSTN. These reasons are:

• Voice-over IP is lot cheaper than PSTN and available almost everywhere.
• It is easier to tamper with the caller ID through VoIP and make it appear that data thieves are calling from a trusted organization.
• Hardware, like ATAs, IP-PBX, routers, and IP phone, has become more affordable and user-friendly, thus facilitating aims to manipulate prospect victims. Moreover, voice-over IP hardware is very portable, making it easier for illegal entities to do their job almost anywhere.
• Unlike with PSTN, voice-over IP numbers can be easily set-up and broken down in a matter of minutes. So, it’s nearly impossible for authorities to track suspects down.
• With voice-over IP, data thieves can easily send one message to hundreds to thousands of recipients at once, instead of typing a single phone number for each phishing call.

Vishing scams netted fraudsters £7m in the past year

Examples of Phishing Tactics

In order to avoid falling into the traps of voice-over IP phishing, it’s important to know or even just familiarize the different ways of how data thieves do their tactics.

1. You get an email or a voice mail from your banking department saying that an unauthorized entity is trying to tamper with your account’s password and that a counter action must be done immediately to save your account. You’re then requested to call a number and provide the asked information to change your existing account information.

2. You receive an email from eBay, PayPal, or any of the same companies, informing you of some discrepancies from your part and saying that your account is currently frozen. You are then informed that the only way to get your account functioning again is to click a certain link and provide the necessary credentials asked in the site.

3. You’re phoned by your bank saying that they notice some fraudulent activities on your account and asking you to call back or give your credit card number, password, account number, etc.

The main gist here is that phishing tactics for VoIP, PBX and PaBX often ask for information that is not usually disclosed to anyone, including bank accountants or any authorized personnel. Personal information, such as passwords and bank account numbers, is the most asked data by thieves as this will enable them to completely gain access to private ownership. If you happen to encounter such an instance, offer to phone back the caller and double check with your company for this activity.