According to the
United States of America’s Federal Communication Commission, “a Voice over
Internet Protocol (VoIP) is a technology that allows one to make voice calls
using a broadband internet connection instead of the regular (or analog) phone
line”.
VoIP is a technology that allows telephone calls to be made
over computer networks like the Internet. VoIP converts analog voice signals
into digital data packets and supports real-time, two-way transmission of
conversations using Internet
Protocol (IP). The most common form of VoIP system is Skype. Skype is a
free-mium VoIP service and an instant messaging platform developed by Microsoft,
first released in August 2003. Skype runs on a proprietary network protocol
i.e. a network that does not comply to any open standards.
Arguably, there
some issues of email spamming on internet users. The VoIP systems opens yet
another gateway for these spam issues. As the usage of VoIP increases, so will this
strategy of marketing via this system increase. This kind of spamming is known
as Spam over Internet Telephony (SPIT). Like email spamming, sending commercial
messages via VoIP is relatively cheap and fast. The VoIP offers a potential of
large volumes of unsolicited calls. This is due to the wide range of tools
available to attackers. These commercial messages are done by telemarketers.
Another issue
is Spoofing. Spoofing attack is a situation in which one person or
program successfully masquerades as another by falsifying data and thereby
gaining an illegitimate advantage. For example, an attacker could possibly
inject a bogus caller ID into an ordinary VoIP call so that the receiver
believes the call to be coming from a known and trusted source (a bank, for
example). The receiver, fooled by the electronic identification of the caller,
may place unwarranted trust in the person at the other end. In such an
exchange, the receiver may be tricked into disclosing personal information like
account numbers, social security numbers, or secondary authentication factor: a
mother’s maiden name, for example. This scheme is essentially the VoIP version
of traditional phishing, where a user follows links in an unsolicited email and
is tricked into providing personal information on a bogus web site. Attackers
may use these bits and pieces of personal information to complete partial
identity records of victims of identity theft.
Confidentiality concerns on
VoIP are been questioned. VoIP data sometimes travels unencrypted over the
internet. In this light, it is possible for someone to collect this data and
attempt to reconstruct a conversation.
No comments:
Post a Comment