{"id":6600,"date":"2009-06-12T18:03:00","date_gmt":"2009-06-12T18:03:00","guid":{"rendered":"https:\/\/leap.staging.ribbitt.com\/evs\/insights\/identity-fraud-hits-net-telephony-05-14-2008\/"},"modified":"2023-04-19T20:58:09","modified_gmt":"2023-04-19T20:58:09","slug":"identity-fraud-hits-net-telephony-05-14-2008","status":"publish","type":"post","link":"https:\/\/leap.staging.ribbitt.com\/evs\/insights\/identity-fraud-hits-net-telephony-05-14-2008\/","title":{"rendered":"Identity fraud hits net telephony-05-14-2008"},"content":{"rendered":"<p><span>LOUISVILLE, Ky. (<\/span>May 14, 2008)<\/p>\n<p><strong>A new type of identity fraud, which sees hackers tapping into voice-over IP telephony accounts, has been highlighted by a VoIP equipment maker.<\/strong><\/p>\n<p>Usernames and passwords from voice-over IP (VoIP) phone accounts are selling online for more than stolen credit cards, Newport Networks has found.<\/p>\n<p>The information allows someone to use the telephone service for free.<\/p>\n<p>Net telephony fraud is still in its infancy, with eavesdropping on calls being the most common security flaw.<\/p>\n<p><strong>Capturing accounts<\/strong><\/p>\n<p>But the move into stealing usernames and passwords which are routinely sent across the network when a call is made, is a worrying new trend thinks Dave Gladwin, vice president of products at Newport Networks.<\/p>\n<p>&#8220;It is still at an embryonic stage but as voice adoption increases it becomes more of a problem and needs addressing,&#8221; said Mr Gladwin.<\/p>\n<p>The details are not sent as plain text but are encoded in such a way as to be &#8220;easily captured and unobscured&#8221;, said Mr Gladwin.<\/p>\n<p>Credit card details have been traded fairly openly online for some time and can be bought for around $12 (6) each. VoIP account details fetch a slightly higher price, at $17 (9), according to Mr Gladwin.<\/p>\n<p>The problem is less of a issue for businesses which routinely offer voice-over IP services for their employees because users are tied into a secure corporate network.<\/p>\n<p>But for consumers, relying on public or unsecured home wi-fi networks, there is more of an issue.<\/p>\n<p>&#8220;90% of carriers don&#8217;t offer a secure VoIP service,&#8221; said Mr Gladwin.<\/p>\n<p>He estimated it would cost around 2\/3 per subscriber for service providers to instigate the additional level of security needed.<\/p>\n<p>&#8220;Most of the software out there has the capability of running in secure mode if the service providers would accept it,&#8221; he said.<\/p>\n<p>VoIP provider Skype said its service, unlike some of its rivals, offered end to end encryption.<\/p>\n<p>&#8220;It doesn&#8217;t matter whether I&#8217;m on an open wireless connection, there is no way someone could get hold of my username or password,&#8221; said Jonathan Christensen, general manager of audio and video at Skype.<\/p>\n<p>He accepts there are security issues facing the industry, especially for providers that use &#8220;less robust security mechanisms&#8221; but he questions how big a draw a free VoIP account would be for net criminals.<\/p>\n<p>This is a view shared by Jupiter analyst Ian Fogg.<\/p>\n<p>&#8220;I have not seen security issues with VoIP as a big issue. This is partly because such services aren&#8217;t that mainstream and therefore have not been targeted by criminals in the way that e-mail and online banking services have,&#8221; he said. <\/p>\n<p><em>Source: BBC News<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Wednesday, 14 May 2008 A new type of identity fraud, which sees hackers tapping into voice over IP telephony accounts, has been highlighted by a VoIP equipment maker. Usernames and passwords from voice over IP (VoIP) phone accounts are selling<\/p>\n","protected":false},"author":40,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[97],"tags":[96],"class_list":["post-6600","post","type-post","status-publish","format-standard","hentry","category-press-release","tag-press-room"],"acf":[],"_links":{"self":[{"href":"https:\/\/leap.staging.ribbitt.com\/evs\/wp-json\/wp\/v2\/posts\/6600","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/leap.staging.ribbitt.com\/evs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/leap.staging.ribbitt.com\/evs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/leap.staging.ribbitt.com\/evs\/wp-json\/wp\/v2\/users\/40"}],"replies":[{"embeddable":true,"href":"https:\/\/leap.staging.ribbitt.com\/evs\/wp-json\/wp\/v2\/comments?post=6600"}],"version-history":[{"count":1,"href":"https:\/\/leap.staging.ribbitt.com\/evs\/wp-json\/wp\/v2\/posts\/6600\/revisions"}],"predecessor-version":[{"id":6689,"href":"https:\/\/leap.staging.ribbitt.com\/evs\/wp-json\/wp\/v2\/posts\/6600\/revisions\/6689"}],"wp:attachment":[{"href":"https:\/\/leap.staging.ribbitt.com\/evs\/wp-json\/wp\/v2\/media?parent=6600"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/leap.staging.ribbitt.com\/evs\/wp-json\/wp\/v2\/categories?post=6600"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/leap.staging.ribbitt.com\/evs\/wp-json\/wp\/v2\/tags?post=6600"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}