VoIP Security

August 15, 2006

IP telephony packets are captured by a monitoring device connected to the network and are subsequently reassembled into WAV files, MP3 files or another audio format. The technique has legitimate uses – for example, assisting in debugging – but it also enables eavesdropping. The reassembled files can be collected later, emailed or otherwise forwarded to the eavesdropper.

How to stop it: This problem arises only where voice and data traffic share the same logical network – for example, the public internet – and where an eavesdropper can gain physical access to that network.

It can be addressed by combining the logical separation of voice and data networks with physical and software security measures to limit access to the IP telephony infrastructure and ensure changes are made only by authorised personnel.

Calls can also be encrypted to prevent eavesdropping, but this process can delay IP telephony packets and reduce call quality.

The goal: To trick someone into taking action that enables theft or fraud.

How it works: In caller ID phishing, fraudsters fake the number of the calling phone, making it look as though a legitimate organisation – perhaps a bank – is making the call. This increases the chance that the called person will give away confidential information.

Alternatively, a technique called ‘call sink-holing’ has been described that modifies network behaviour and, in addition to its legitimate uses, can be used to redirect calls to an impostor.

How to stop it: The principal defence against misrepresentation is education aimed at raising user awareness of the problem and its potential consequences.

Regardless of the phone number or other details displayed when the phone rings, users should never give personal or confidential information, such as bank account details, over the phone without first taking steps to confirm that the caller is who he or she claims to be. A legitimate caller, for example, will be happy for you to call back on a number you know to belong to the relevant organisation.
