Caller ID Spoofing Good and Bad




ITU Workshop on Caller ID Spoofing (Geneva, Switzerland, 2 June 2014)
Caller ID Spoofing Good and Bad
Freddie McBride, Numbering & Networks, European Communications Office
freddie.mcbride@eco.cept.org
Follow us on Twitter @CEPT_ECC

About CEPT/ECC

Contents
- Definition of Caller ID spoofing
- History of CLI and erosion of trust in CLI
- Case Study: Experience from Ireland
- Lessons Learned
- Useful references
- Introduction of ongoing work stream within ECC/WG NaN on Evolution in CLI
  - Decoupling of rights of use of numbers from service provision

Caller ID Spoofing is bad!
- Wiki Definition: Caller ID spoofing is the practice of causing the telephone network to indicate to the receiver of a call that the originator of the call is a station other than the true originating station. For example, a Caller ID display might display a phone number different from that of the telephone from which the call was placed. The term is commonly used to describe situations in which the motivation is considered malicious.
- Important Policy Consideration: ITU Policy initiatives to tackle spoofing should be cognisant of the fact that scenarios exist where the motivation may not be malicious.

Some history
- CLI was historically an important and trusted identifier
- CLI set by originating operator and trusted by transit and terminating operators
- As intelligence moved from the network to the terminal, user-generated CLI became possible and the trust in CLI began to decrease
- Use of Internet for VoIP services further eroded that trust

Experience from Ireland
- Online PC Doctor scam
- Professionally organised scam
- To make its offer seem more genuine, its website listed an Irish number which people can also call
- Aim was to target unsuspecting, vulnerable groups
- Irish numbers auto-dialled by call centre application. When call answered, called party connected to call centre agent
- Agent proceeded to tell called party that they have a virus on their PC. Called party asked to open up Event Viewer on PC

Event Viewer

Experience from Ireland - cont'd
- The agent used a free tool called LogMeIn which gives remote access to the PC
- 149-249 quoted to fix problem (which was to clear the event viewer log!). User asked for credit card details
- No rogue antivirus, keyloggers or Trojan Horse programmes installed
- A very basic scam, essentially it's just social engineering... but the numbering played a crucial role
- The victims trusted the Irish Geographic number presented as CLI
- How did the scammers get Irish geographic numbers?

Numbering Resources Used
- Major VoIP operator had a secondary allocation of Geographic Numbers from an Authorised Operator in Ireland
- To get such a number the Irish National Numbering Conventions require that a user have a registered address within the Minimum Numbering Area (MNA)
- When signing up, the address given is not validated; it is merely an assertion by the user that they have an address in the MNA
- Online PC Doctor used this VoIP service to target its unsuspecting victims
- Crucially, when law enforcement authorities had difficulty in tracking down the perpetrators and bringing them to justice, the Numbering Conventions were sufficient to instruct the operators concerned to cease services on the numbers concerned. The VoIP operator and the Number Range assignee both co-operated without question
- However, it was then quite easy to start again with a new number and indeed valid addresses were provided for these new subscriptions in the Dublin area (usually commercial properties for sale)

Some Lessons Learned
- Outside of numbering, jurisdiction a huge problem in tackling these scams
- Awareness campaigns promoting customer vigilance most effective way of stopping scams
- Of course, there will always be some victims before awareness campaigns are effective
- Co-operation between national and international carriers is essential. The originating operator is the gatekeeper
- A harmonised international solution (i.e. ITU policy measure) could help
- Technical solutions required to validate originating numbers, particularly for VoIP calls, would also help
- ITU-T SG2 should take note of IETF STIR work in this regard

References (European Context)
Some ECC deliverables which could also be useful inputs to inform any future policy initiative by the ITU:
- ECC REPORT 133 - Increasing Trust in Calling Line Identification and Originating Identification
- ECC RECOMMENDATION 11/02 - Calling Line Identification and Originating Identification

Evolution in CLI Usage: Decoupling End User Rights to use Numbers from Service Provision
- Current work stream for Project Team Number Portability
- Focus on different scenarios where numbers used as CLI for services not directly associated with that number
- Some examples: separate inbound and outbound services for call centres, SIM Stickers for long distance calls
- Many of these services are legitimate and usually have regulator consent on a case-by-case basis
- Report at an early stage. Next meeting in June 14.
- The Report, when ready for consultation, can be sent to ITU-T SG2 for information

Thank You!
Freddie McBride, Numbering & Networks, European Communications Office
freddie.mcbride@eco.cept.org
Follow us on Twitter @CEPT_ECC