Phone Phreaking

After learning more about cyber security and cyber hacking in class on Tuesday, I began thinking more about the impact that these two things could have on the developing world and projects implemented in the developing world. The presentation in class focused in cyber attacks and specific viruses and malware that have been used against the United States and other countries. It also touched on the implications cyber-warfare can have on the developing world, including human rights issues with spying on citizens and also the vulnerabilities that arise specifically in developing countries.

Hacking is “big business”, and digital currencies used in developing countries are especially vulnerable to being hacked. Another blog post touched on the helpfulness and innovation of M-Pesa, a service used in Kenya to transfer money via SMS in order to pay for goods and services. I was interested to see exactly how M-Pesa is affected by cyber hacking. I found this article detailing some downsides to M-Pesa due to phone phreaking (phone hacking). Hackers will spoof the caller ID, using the number of a bank. Users of the mobile money services then are tricked into giving the “financial institution” their information, and money is extracted from their bank accounts. It is estimated that US $13,000/month is stolen using this hacking technique. I assume this problem will only get worse with time as technologies become more and more sophisticated.

Advertisements

2 responses to “Phone Phreaking

  • caroline

    As we see money at risk, it is big business. We are seeing even more that everything can be turned into business. What we should do, because by nature as a country money is the biggest concern, is make people aware of the threats through appealing to this fear. I think that may be one of the most realistic routs to cyber security awareness in the US.

  • veggiemunster

    I think its interesting that tele spoof.com looks like a legitimate business. I had always heard of *69 calling folks and having your ID invisible, but I never tried it. Does that still work in the US? I decided to check out the website, and the way they describe it is that it is for the use of United States citizens, but specific kinds. Check out their “who will benefit” section:
    “Our service is intended for business professionals within the U.S. including, but not limited to; Private Investigators, Skip Tracers, Law Enforcement and Lawyers, giving them freedom to choose any number as the Caller ID. Telespoof allows you to be whoever you want to be.”
    I can see how this would be important for law enforcement, but all too easily this could be used for evil (hackers). How do they promise to keep it to only legitimate PIs and law enforcement? I don’t see anything on their website about how they intend to keep the service legitimate. However, on the website.informer, they say it is 99% child safe. What does that mean? False advertising, I think. It’s called the mywot scorecard, that’s where it comes from. There is one comment about the side: “Illegal and unethical”, but it has very high ratings….strange. HEre are the websites if you want to check them out:
    http://website.informer.com/telespoof.com
    http://website.informer.com/visit?domain=telespoof.com
    https://www.mywot.com/en/scorecard/telespoof.com

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: