Problem solve Get help with specific problems with your technologies, process and projects.

How to prevent VoIP phishing

Don't fall prey to a VoIP phishing scam. In this Information Security Threats Ask the Expert Q&A, Ed Skoudis explains why end-to-end encrypted VoIP phones cannot prevent VoIP scams and how to protect against them.

Do end-to-end encrypted VoIP phones prevent VoIP phishing?
No. While encryption is useful for protecting VoIP traffic from snooping, it does not stop VoIP phishing. VoIP phishing is when an attacker uses an automated tool to call VoIP numbers (and POTS numbers) to leave a message pretending to be your bank or other e-commerce entity. Therefore, even with a rock-solid encrypted VoIP connection, attackers can still make such calls.

To guard against VoIP phishing, be leery of giving sensitive personal information especially over your VoIP phone. And remember, VoIP caller IDs are easy to spoof, so don't trust the friendly voice on the other end of the phone line, until they prove their identity.

More Information:

  • Learn why hackers started using VoIP in phone phishing scams.
  • Learn how to mitigate other VoIP threats in this VoIP Security Learning Guide.
This was last published in August 2006

Dig Deeper on IPv6 security and network protocols security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.