home > solutions
Home  |   Contact Us  |   Company  |   Products  |   Solutions  |   Partners  |   Resources  |   News  |   Privacy  |   Legal
Copyright © 2008-2011 UM Labs Ltd.

Preventing Call Fraud

The problem of call fraud pre-dates VoIP by many years, but the growth of VoIP has created many new opportunities for fraud. VoIP call fraud occurs when an attacker can connect to your system and make calls without authorisation and at your expense. Frauds fall into two categories:

  1. Simple call fraud where the attacker makes a series of calls through your system leaving you to pick up the changes for those calls.

  2. Premium rate call fraud where the attacker sets up a premium rate number and uses an automated dialler to call that number through your system, pocketing the revenue generated.

Both frauds can be costly, but a premium rate fraud can quickly run up a very large bill.

Attackers make use of automated tools such as SIPvicious to scan the Internet for vulnerable systems, if your VoIP system is linked to the Internet to connect to a SIP trunk or to allow remote user connections, the chances are it will be found.


Solutions

SIP Connectivity

Security

Call Encryption

Skype Connections

Combatting Fraud

 

The Solution

The UM Labs SIP Security Controller includes a number of sophisticated call fraud controls. These controls work in two stages, firstly to prevent detection by automated scanning tools and secondly to detect and block unwanted calls.

Scanner Detection. Identifies scanning activity by checking the format of SIP requests and the frequency if those requests and discarding suspicious requests. Scanning tools such as SIPvicious and others are unable to detect a SIP Security Controller.

Black Lists. Known sources of attack and call fraud are blocked by IP address, by the caller, by the called number or other characteristics.

Call Admission Control. Rate limits and other controls prevent malicious or accidental misuse.

Quantifying the problem

Honeypot: To quantify the call fraud problem, UM Labs set up a honeypot, a system without the usual controls that could be detected by network scanning tools and misused by attackers to make fraudlent calls.

Results: In less than 24 hours our system was discovered by an attacked and calls started flowing. In just one hour over 350 calls were attempted, including calls to mobile phones in Haiti and Mali.

For a more detailed description of these tests, click here.