VoIP fraud: Understanding incident response that costs real money. presented at AUScert 2009

by Scott Mcintyre,

Summary : As the world's telecoms companies shift away from traditional technologies and move towards an all-ip infrastructure, fraudsters and organised criminals have already figured out how best to profit from this new technology. Voice over IP offers potentially massive benefits to consumers and businesses, but the inherent risks the technology brings about has already resulted in massive financial impact for those in a rush to implement without considering the implications. Understanding the trade-off of 'customer friendly' versus 'fraud friendly' is essential before deploying VoIP infrastructure. This talk will cover actual case studies that one provider has worked through in investigating a variety of VoIP abuse and fraud scenarios, the problems dealing with law enforcement and the impact to the customer and overall business model as they struggle to merge the old-world and new in this emerging technological standard. Intended audience: Law enforcement (might be of interest to the pre-conference-conference for LEA), consumers, businesses, ISPs and anyone using VoIP or wanting to use it. What they can learn: From our mistakes. Risk factors. How to begin to detect abuse and misuse of VoIP infrastructure. 'Signs of Evil' This talk could easily be of interest to law enforcement to understand the issues that require investigation, as well of managers and those deploying VoIP within their corporate environments. Consumers are also at huge risk, and anything I can do to help people not feel the pain we've felt would be well worth it.