Voice pharming attack and the trust of VoIP.

Such an unauthorized call diversion capability enables a new attack, called voice pharming, against VoIP users, where the attacker transparently diverts selected VoIP calls to the bogus IVR (interactive ... In this paper, we seek to fill this gap by investigating the trust issues of currently deployed VoIP systems and their implications to the VoIP users. ... Acknowledgement The authors would like to thank the anonymous reviewers for their insightful comments that helped to improve the presentation of this paper. ...

doi:10.1145/1460877.1460908 dblp:conf/securecomm/WangZYJW08 fatcat:kfg4ikctizbetitd3bvkjfecg4

In the later sections, we will illustrate the organization of the small World VoIP (SW-VoIP) with details on the P2PSIP operations, functions, and its improvement in performance over the currently deployed ... Finally, we will summarize the different categories of security issues that are present in VoIP systems and provide an overview of the solutions detailed in the preceding sections. ... ACKNOWLEDGEMENTS We would like to thank Kalyan Pathapati Subbu, Vikram Chandrasekaran, Srikanth Jonnada and Chaitra Urs for all the editing support and help provided. ...

doi:10.1016/b978-0-12-415815-3.00030-3 fatcat:2tfkcsyugjhfjgijtzwqwmg7ia

We then empirically tested our design in conjunction with deployed Vonage VoIP services against a large body of attacks including billing, call redirection, voice pharming, and complex MITM exploits. ... the underlying VoIP protocol. ... These VoIP exploits could shake the long-held trust people have in voice communication. ...

doi:10.1109/noms.2012.6211937 dblp:conf/noms/FarleyW12 fatcat:hi56im5v6jhyplkvcxtmds3lbm

the voicemail servers of both the caller and the callee of selected VoIP calls; and 3) make spam calls to VoIP subscribers even if Do Not Disturb is enabled. ... We have implemented a number of attacks and experimented with VoIP services by leading VoIP service providers Vonage, AT&T and Gizmo. ... Acknowledgments This work was partially supported by NSF Grants CNS-0524286 and CCF-0728771. ...

doi:10.1007/978-3-642-00843-6_6 fatcat:y3gyje42lfaixgxeczyicyld3u

We present a survey of Voice over IP security research. ... We also briefly discuss the implications of our findings with respect to actual vulnerabilities reported in a variety VoIP products. ... This work was supported by the French National Research Agency (ANR) under Contract ANR-08-VERS-017. ...

doi:10.1007/978-3-642-10772-6_1 fatcat:5z7aiao4vjhh7fqx2enkbexu3i

The man-in-the-middle (MITM) attack has been shown to be one of the most serious threats to the security and trust of existing VoIP protocols and systems. ... attack on a Vonage phone, as long as the remote attacker knows the phone number and the IP address of the Vonage phone. ... Acknowledgement This work was partially supported by NSF Grants CNS-0524286 and CCF-0728771. ...

doi:10.1145/1533057.1533069 dblp:conf/ccs/ZhangWFYJ09 fatcat:kzvgunhkbzhwdjafmtgny5kaoq

We also find that the overwhelming majority of the surveyed work takes a black box view of VoIP systems that avoids examining their internal structure and implementation. ... We discuss the implications of our findings with respect to vulnerabilities reported in a variety of VoIP products. ... These vulnerabilities permit for large-scale voice pharming, where unsuspecting users are directed to fake interactive voice response systems or human representatives. ...

doi:10.1109/surv.2011.031611.00112 fatcat:qxpbre5q2zhwhkjeb63t2bkr2a

of the client. ... As more and more people are using VoIP softphones in their laptop and smart phones, vulnerabilities in VoIP protocols and systems could introduce new threats to the computer that runs the VoIP softphone ... [24] investigated the trust of several leading VoIP services (e.g., Vonage, AT&T) and showed that their VoIP calls can be transparently diverted and redirected-leading to voice pharming attacks on the ...

doi:10.1007/978-3-319-04283-1_7 fatcat:4pd6ic5v4nhmjnux6p56752vke

Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. ... Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures. ... Voice over Internet Protocol (VoIP) is becoming a popular alternative to traditional phone lines. ...

doi:10.47893/imr.2011.1075 fatcat:r7w53celfnbaplhnu5o25nz57a

businesses, and uphold security and trust in the digital realm. ... Cybercrime, a broad category of illicit activities conducted via computer networks and the internet, spans a spectrum of malicious behaviours. ... Vishing, a portmanteau of "voice" and "phishing," leverages the trust associated with traditional landline telephone services to deceive victims. ...

doi:10.5281/zenodo.10671270 fatcat:4g64hplnprgqbpt5jh7qdoufye

Open Access

This study creates an advanced taxonomy of social engineering attacks with the aim of facilitating the development and implementation of better prevention measures, stressing the importance of organizational ... Although the types of attacks are different i.e. social, physical, technical or socio-technical, the process is the same. ... Omar Aldulaijan, GNS General Manager, for sharing his pearls of wisdom with us during the course of this research. ...

doi:10.5120/ijca2020919744 fatcat:kfbvjknhbbew3ebbkdy7vmouce

Social engineering is one of the biggest challenges facing network security because it exploits the natural human tendency to trust. ... This paper provides an in-depth survey about the social engineering attacks, their classifications, detection strategies, and prevention procedures. ... Conflicts of Interest: The authors declare no conflict of interest. ...

doi:10.3390/fi11040089 fatcat:sboj52i2pvcvrev6powu63zlo4

DOAJ Szczepanski

In the voice of phone call, It is because the communication system mainly conveys the voice and does not convey the facial expression, environmental situation, and psychological state of the other person ... The voices recorded by victims of actual telephone fraud were analyzed and the characteristics were summarized. ... Types of Voice Phishing Voice phishing is causing a lot of damage, the type of attack is classified according to the type of attack, damage type, and aggressiveness. ...

doi:10.14419/ijet.v7i3.33.18525 fatcat:dpwglt6nk5hdrg6eouba7goika

Open Access

The result showed that only two, (MITM and Web based) out of the eleven were not significant while the remaining nine were significant. ... and Mobile Phishing, depicting methods used by phishers to carry out their attacks against unsuspecting victims who are the internet users were presented to respondents to indicate their level of agreement ... It is believed to be one of the newest breakthroughs in telecommunications; it uses VOIP -Voice over Internet Protocol -to conduct it.Mobile Phishing: All respondents agree that GSM devices are used in ...

doi:10.5120/ijais14-451184 fatcat:xauifkkzkngh7a5xwjsipwvkuq

attacks, DoS attacks, and other threats combine to attack businesses and customers. ... In today's business environment, it is difficult to imagine a workplace without access to the web, yet a variety of email born viruses, spyware, adware, Trojan horses, phishing attacks, directory harvest ... First, criminals can take advantage of cheap, anonymous Internet calling available by using Voice over Internet Protocol (VoIP), which also allows the criminal to use simple software programs to set up ...

arXiv:1112.5732v1 fatcat:6rcxjz32z5fhrhe6yg252fky4e

Voice pharming attack and the trust of VoIP

Preserved Fulltext

Security Issues in VoIP Telecommunication Networks [chapter]

Preserved Fulltext

VoIP Shield: A transparent protection of deployed VoIP systems from SIP-based exploits

Preserved Fulltext

An Empirical Investigation into the Security of Phone Features in SIP-Based VoIP Systems [chapter]

Preserved Fulltext

A Survey of Voice over IP Security Research [chapter]

Preserved Fulltext

On the feasibility of launching the man-in-the-middle attacks on VoIP from remote attackers

Preserved Fulltext

A Comprehensive Survey of Voice over IP Security Research

Preserved Fulltext

Disabling a Computer by Exploiting Softphone Vulnerabilities: Threat and Mitigation [chapter]

Preserved Fulltext

Phishing: A Serious Threat to Online Banking

Preserved Fulltext

CYBER CRIME : A Review

Preserved Fulltext

An Advanced Taxonomy for Social Engineering Attacks

Preserved Fulltext

Social Engineering Attacks: A Survey

Preserved Fulltext

Prevention of Voice Phishing through Analysis of Telephone Call Voice Characteristic

Preserved Fulltext

Identifying Methods of Web Attacks towards Minimizing their Effects on Websites

Preserved Fulltext

Phishing - A Growing Threat to E-Commerce [article]

Preserved Fulltext