• On MovieTome: See the TRAILER for TERMINATOR 4!

August 10, 2004 4:00 AM PDT

Net phone customers brace for 'VoIP spam'

By Ben Charny
Staff Writer, CNET News

  • Print
Related Stories

Wi-Fi phones make a splash

 August 5, 2004

Study: Cable giants to flex VoIP muscle

 August 3, 2004

Vonage cuts Net phoning prices

 May 17, 2004

Court upholds Do Not Call list

 February 17, 2004
If you're sick of spam, imagine wading through dozens of prerecorded porn and Viagra messages on your voice mail.

Some computer security and privacy experts are warning that such a day may not be far off for customers of new Internet phone services, which marry the immediacy of a voice call with the conveniences--and inconveniences--of e-mail.

That could be unwelcome news for those who believe telemarketing is already so bad it can't possibly get any worse.

News.context

What's new:
The VoIP market is growing fast, and security experts say it's all but inevitable that new marketing techniques like "VoIP spam" will spring up to take advantage of its strengths.

Bottom line:
Using VoIP, telemarketers could send messages to thousands of addresses at a time. That could have a tremendous impact on VoIP providers, forcing them to expand their storage capabilities.

More stories on this topic

"The fear with VoIP spam is you will have an Internet address for your phone number, which means you can use the same tools you use for e-mail to generate traffic, said Tom Kershaw, a vice president at security specialist VeriSign. "That raises automation to scary degrees."

So-called voice over Internet Protocol (VoIP) services have begun winning converts thanks to cheap rates and a slew of features that traditional phone companies can't match. But consumers who adopt the technology could pay a steep price if "VoIP spam" takes hold.

There are now only about 600,000 commercial Net phone subscribers, a market too small for the attention of big telemarketers. But the VoIP market is growing fast. Technology research firm IDC predicts VoIP revenue will grow from $3.3 billion in 2003 to $15.1 billion by 2007.

Once the numbers begin to add up, it's all but inevitable that new marketing techniques will spring up to take advantage of VoIP's strengths.

Like e-mail, VoIP calls find their way by locating an IP (Internet Protocol) address, a unique set of numbers assigned to each device connected to the Web. By contrast, calls made over the traditional phone network are routed by instructions taken from a 10-digit telephone number. Using VoIP, telemarketers can send messages to thousands of addresses at a time, rather than tying up a single phone line to make one call.

The biggest likely impact of VoIP spam will be on voice mail boxes. They'll dutifully record every message they receive, while a human answering the phone will likely hang up within a few seconds. That could have a tremendous effect on VoIP providers that offer free voice mail; they would have to expand their storage capabilities to handle the additional spam messages.

Consider software from Frederick, Mass.-based Qovia, which seeks out the IP addresses assigned to phones, then sends each a 30-second recording. Its pace--1,000 synthetic calls every five seconds--is a quantum leap from the automated "Demon Box" dialers that telemarketers use now.

Qovia Chief Technology Officer Choon Shim said the company didn't create its VoIP spam generator to send "30-second calls about Viagra to millions of phones." Rather, it was to serve as a wake-up call of what could be a devastating problem for the growing Net phone industry, Shim said.

Aside from the pride of proving a concept, there are some benefits to generating so many messages. There has been interest from government agencies, Shim said, which have begun exploring how to use the VoIP spam generator to replace emergency broadcasts over television and radio. Information technology managers at companies wrestling with a large number of mobile workers could use VoIP spam to better manage the devices.

"We are not about selling tools to telemarketers," Shim said. "But these things are very easy to write, as we've shown in our labs. We can't stop other people from creating their own tools."

A trickle for now
So far, there have only been isolated cases of spam to homes, and only one known example of a corporate VoIP network spammed so heavily it was paralyzed, according to a handful of carriers surveyed this week.

"There are just so few customers in relation to what's available over landlines, that there's really no reason for telemarketers to even begin to think about it," said Gary Morgenstern, a spokesman for VoIP dealer AT&T.

Still, the issue appears to be gaining attention in some influential circles. The nation's two largest long-distance companies, AT&T and MCI, say the VoIP spam issue is on their agenda. And about six weeks ago, the United States Telephone Association (USTA) identified VoIP spam as one of the next major headaches, from a regulatory and day-to-day operations perspective.

"This threatens to be a big problem in the future," a USTA representative said.

Notably, telemarketers that use VoIP to target Net phone customers may not be required to comply with the Federal Trade Commission's recently created Do-Not-Call list, computer security and privacy experts said, citing uncertainty over its status.

"VoIP spam fits very nicely into yet another void in existing regulation," said Ray Everett-Church, a principal with privacy consultants ePrivacy Group in Philadelphia.

Commercial VoIP carriers say they are working to protect their customers. For example, Vonage, the largest residential VoIP services provider with some 200,000 subscribers, said it assigns phone numbers along with IP addresses, making it more difficult for spammers to generate hundreds of calls per minute, according to a company representative.

An MCI spokeswoman said VoIP spam is "not an issue on the network because we are engineering a solution to prevent it." She said the company knows of no incidents to date of VoIP spam on the MCI network.

The problem is still so new that it has largely gone unnoticed, Everett-Church said.

One of the first Net phone spams didn't cause much of a stir, he recalled. The recipients thought the pre-recorded telemarketing call they received was a harmless error on the part of the phone company.

But when people with two Net phone lines, assigned sequential telephone numbers, got the same pre-recorded call within seconds of each other, "it was very clear to them that their phone was being spammed," he concluded.

See more CNET content tagged:
VoIP, spam, Internet phone, BellSouth Corp., Viagra

Add a Comment (Log in or register) 1 comment
Phone is worse than email!
by hadaso August 10, 2004 1:23 PM PDT
A phone usually has one number (and in VoIP perhaps one IP) and it is hard to replace that number. The namespace ("numberspace") is very limited. The email namespace is much bigger, and one of the reasons that spam still exists is that people still insist on using an email address in the same way they use phone numbers, i.e., as if it is a scarce resource and you cannot have more that one or a few email addresses. But the fact is that anyone can get an unlimited supply of email addresses, but not of phone numbers. And by using this unlimited supply of email addresses wisely one can avoid spam. A spammer would have a very hard time sneaking a message in if most doors (email addresses) would only allow in certain kinds of messages. Of course in order for the average user to beable to use the large email address namespace to avoid spam, some things should be automated so the user does not have to be aware of what's happening behind the scene.

If VoIP is going to be relying on a one person/one phone number scheme, then spam is unavoidable. But if it is designed to allow multiple addresses the can be used to define one-to-one channels (or one-to-few) then it would be much harder to sneak in spam for anyone who is not defined as the other side of the channel.
Reply to this comment
advertisement

Latest tech news headlines

Resource center from CNET News sponsors
Aligning CIO & CEO visions
What CIOs need to know

Click Here!
It's a simple truth. The closer you and your CEO see things, the greater your chance for success. Our exclusive report can help you get there—and help your business grow. Get the report featuring the views of 765 CEOs on innovation. learn more

Click Here!
What CEOs think: Innovation Insights for CIOs

Learn How CIOs can deliver strategic success for their enterprises

The New CIO: Beyond Technology

Learn how CIOs become heroes

Podcast: Chris Gorog of Napster

Learn about the impact of technology in strategy execution

The future of the Enterprise

Read more about tomorrow's organization

CIO Vision Series:Innovating within a retail industry disrupted by the Web

Video: CIO of Virgin Entertainment Group, Robert Fort

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Markets

Market news, charts, SEC filings, and more

Related quotes

AT&T (2.77%) 0.68 25.19
Verizon Communications (7.43%) 1.97 28.47
Dow Jones Industrials (6.54%) 494.13 8,046.42
S&P 500 (6.32%) 47.59 800.03
NASDAQ (5.18%) 68.23 1,384.35
CNET TECH (5.95%) 56.25 1,002.00
  Symbol Lookup
advertisement

Inside CNET News

Scroll Left Scroll Right
News
Latest news
Business tech
Green tech
Wireless
Security
Media
Popular topics
Apple iPhone
Apple iPod
CES
Cell phones
Dell
GPS
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
Corrections
Customer Help Center
RSS
What's new
About CNET