Scammers exploiting hole in old Asterisk software
vnunet.com, 10 Dec 2008
The FBI has issued a warning to companies about scammers spoofing voice over IP (VoIP) calls by exploiting PBX exchanges.
The warning concerns Asterisk software that is used to integrate PBX phone exchanges with VoIP systems. A vulnerability exists in versions 1.2 and 1.4 that would allow scammers to spoof calls over VoIP and harvest personal information from callers.
The current version of the software, 1.6.0.3, has fixed the flaw, and companies running the software are being urged to upgrade. Recipients of VoIP calls are also being warned to check the identity of callers.
“As with all types of scams, whether by computer, phone or mail, using common sense can protect you,” said special agent Richard Kolko, chief of the FBI’s National Press Office in Washington, DC.
Agent acted as administrator to bring down crime site
Two-year operation ends in 56 arrests worldwide
This week we cover the continuing controversy surrounding the Orange T-Mobile deal
Using managed services to protect mobile data users from the latest security threats
Counting the cost of data security: the benefits of secured mobile services
Shifting Disaster Recovery targets with SharePoint and SQL server configurations
Using a hostbased recovery system for mission-critical systems
Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.
Replacement warning functioning normally, claims software giant
Annual initiative warns of phishing, ID theft and social network...
Do you agree?
Have your say on this article