Scams being led by spam and phishing
What is spam?
Spam can be defined as an unsolicited e-mail on the internet. From the e-mail sender’s point-of-view, spam means a form of bulk mail sent generally either to a list of people obtained from spambot or to a list of people obtained from companies specializing in developing e-mail distribution lists. To the e-mail receiver, it usually appears like a junk e-mail. It is roughly equivalent to unsolicited tele-marketing calls. Spammers usually send a piece of e-mail to millions of receivers, expecting only a small fraction of them to respond to their offer.
What is phishing?
Phishing can be defined as an attempt made to acquire a customer’s personal information, such as credit card credentials, usernames and passwords. It is usually tried by sending an e-mail to users claiming false identity of a legitimate enterprise, attempting to scam the user into giving up private information usable for identity theft. Phishing e-mails redirect the user to a website where they are asked to update sensitive personal information such as credit card number, bank account number password or the social security key that the legitimate organization already has. However, the website is bogus and has been designed just to capture and steal all the inputs made by the user on the page.
Any method in which the perpetrator attempts to reach the target through a seemingly legitimate method to gather their details can be considered as phishing or spam. The most common electronic fraud tactic through which individuals are tricked into revealing sensitive personal or financial details to unauthorized entities is voice or VoIP phishing. The technology space also refers to it as Vishing.
VoIP phishing works in the same way as phishing but is not bound to take place over the internet. It is carried out using voice-based technology. A Voice phishing attacked can be conducted through different mediums, such as a voice e-mail, VoIP, or even landline or mobile phones.
How VoIP makes Phishing easy?
Phishing becomes easier with the usage of VoIP owing to following factors:
- VoIP is quite widely available as it is cheaper than PSTN
- VoIP allows the attackers to tamper with the caller ID and make it appear as if a trusted organization is trying contacting them.
- Any basic programmer with little knowledge of VoIP can easily manipulate its deployment and create a fake bank with fake numbers that they can use for duping their prey without even compromising their own identity.
- VoIP hardware has become affordable and are easily available with user-friendly software, facilitating the manipulators. These devices are portable and thus, could be taken anywhere.
- The easy integration of VoIP hardware with PCs makes it easier for voice phishers to record phone calls of different hooked victims, without being present there for the work.
- Unlike for PSTN, VoIP numbers can be setup as well as destroyed within a few minutes. Thus, it becomes almost impossible for the authorities to track voice phishers (Vishers)
- VoIP allows an attacker to create a virtual number for any desired country, following which he can use a local number to forward calls overseas, emulating the popular financial institutions abroad.
Spam or phishing has become a major problem for the internet users and thus awareness regarding phishing sites, spyware, antivirus and other forms of phishing attacks has accelerated amongst them.