Welcome to the Small Business Ideas Forum! We are a community of over 100,000 small business folks with over 163,000 posts for you to browse. We pride ourselves on being the friendliest forum you will find and we'd love to have you as a member of our community. Please take a moment and register for a free account. If you need any help, please contact Chris Logan.

Small Business Ideas Forum

Small Business Ideas Forum

A friendly place to share small business ideas and knowledge, ask questions, find help and encourage others that are involved in the small business industry. Topics include small business marketing, generating revenue and small business computing.

Go Back   Small Business Ideas Forum > General Issues > General Small Business Issues
Register Search Today's Posts Mark Forums Read

Thread Tools
Old 15th July 2006, 01:33 PM   #1
VIP Contributor
SoKyBiz's Avatar

Join Date: Aug 2005
Location: Bowling Green KY
Posts: 185
Send a message via Yahoo to SoKyBiz
Default Don't trust your caller ID anymore

According to FoxNews and "Internet Security Systems" you can no longer trust your caller ID. They suggest that the new "Voice over IP" (VoIP) or internet phones make it easier for unscrupulous people to fake or "spoof" the caller id name and number. This is a very scary development because unsuspecting people who receive a call from XYZ Bank will look at the caller ID and believe it is their bank and answer the questions asked.
What's the big deal? Well identity theft is the key concern in this case but it could be much worse. Now, when someone steals your identity, they can even make phone calls "as you" and get more information.

Here is the report from Internet Security Systems (2003):
Vonage's Voice over IP network (VoIP) systems could allow a remote attacker to spoof a Vonage user's caller ID. By using Session Initiation Protocol (SIP) enabled VoIP hardware and calling a vulnerable Vonage user, a remote attacker can spoof the victim's caller ID by placing the victim on hold, once the victim answers the phone, and calls a third party, allowing the attacker to see the victim's caller ID information and assume that the attacker is the Vonage user.

Personally, I think Vonage is taking the brunt of this report because there are actually services out there that you can sign up for and create your own spoofed caller id. Spooftel.com and Telespoof.com are two I quickly found from Google.
Telespoof.com offers the first domestic and international Caller ID spoofing service, allowing business professionals to remain anonymous when calling from anywhere in the world, to anywhere in the world. We like to think of it as "mobile invisibility", the highest quality Caller ID spoofing service available anywhere in the world.

It was also suggested during the interview that attackers could use a combination of email, postal mail and spoofed caller id to earn your confidence so you will give up your personal information. It's really concerning to me because there are so many people who don't understand the technology and will simply trust MaBell.

So what are we to do? Trust no one. Okay, that's a little harsh but at a minimum, suspect any email, phone call and even postal mail as a potential threat, then use some common sense in confirming its legitimacy. Just like the spam phishing scheme to get you to give up your passwords, start having the same rules for people who call you.

Simple suggestion. When I get an email with a link to my bank or other service, I never click the link. I open my browser and type it in. I do this because I know that while the link might say "mybank.com" it could easily send me to imstealingyouridentity.com. Just like the phishing, a caller calls in from mybank and says, "We need to confirm your account security setting and we need you to give us your information." I say that I'm too busy right now and would like to call back. Ask for a number, but don't use it, instead use the number listed in the phone book or the back of your credit card. Odds are, when you ask for the number they will offer to call back or simply hang up. If they do give the number, keep it! If it turns out that it is a scam, law enforcement would be very eager to receive that information.
Anyway, hats off to "Chris" of Internet Security Systems. You did a great job on the air and your website doesn't suck either. (grin)

Like this article? Digg it at Digg.com!

David Francis | Bowling Green KY USA | SoKy Local Business

Last edited by SoKyBiz; 15th July 2006 at 01:45 PM. Reason: A little reformatting
SoKyBiz is offline   Reply With Quote
Register or log in to remove this ad.


Thread Tools

Get Updates
RSS Feeds:
RSS Feed for General Small Business Issues RSS for this Category Only: General Small Business Issues

RSS Feed for Small Business Ideas Forum RSS for Entire Forum
Forum Rules

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Small Business Ideas Forum

At Your Business - Small Business Directory
Free Business Forms - Prewritten Documents
Search Engine Guide
Small business guide to search marketing

Small Business Brief
Fetching the Best Small Business Info

Free Links - Free Advertising
Free Guide - Online Directory

Advertise your business here
Contact us for more details!

Semantic Juice
Register now to access free Quick SEO service!

Rocket Lawyer
Sign up for free 7 day trial. Boost your biz!

Buy UPC Codes
Get your products listed online!

All times are GMT -5. The time now is 10:38 AM.

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright 2004 - 2018 - Privacy