Almost all of us have been the victims of e-mail spoofing – e-mails that purport to come from a trusted source, but are really sent by someone else. Spoofing is a serious problem for a variety of reasons; not least of which is the fact that many recipients are fooled into believing the source of the message they receive is valid. There are a variety of methods that can be used to reduce spoofing, including domain authentication and the use of SSL/TLS.

However, I believe that we’ve seen is just the tip of the iceberg with regard to spoofing, a problem that will be made worse as adoption of unified messaging systems become more widely adopted. The problem is not in the unified systems themselves, but rather because users will likely be even more easily fooled by voicemails in their inbox that supposedly come from a trusted source.

For example, I received a telephone call last week from a company that issued one of my credit cards. I had made some purchases from a Web site in Europe and the company wanted to find out if the purchases were legitimate. However, the inquirer was an automated system that requested my credit card number, month and date of birth, the last four digits of my Social Security number and other confidential information. The call was legitimate.

Now, imagine a scenario in which e-mail spoofers decide to send voicemails to companies that use unified messaging. A user receives a voicemail in their inbox, listens to a spoofed request for anything from credit card numbers to PIN numbers to employee ID numbers, and then provides that information, believing the request is legitimate. Compared to a spoofed e-mail, there are typically fewer clues in a voicemail to indicate the authenticity of the sender – users who today are fooled into responding to a spoofed e-mail will likely respond in like manner to a spoofed voicemail. The fact that spoofed IP-based voicemails can be sent in enormous numbers, just like spoofed e-mails, means that even if only a tiny fraction of users respond to these attempts the damage could be significant.

What’s your take on this? Is this a problem that just won’t happen or is it a legitimate concern for organizations that are considering unified messaging? Please send me an e-mail to share your thoughts.

Whitepapers

• 5 Biggest Blunders when Building Spreadsheet Applications in Java
• Automating Excel Reports: Five Approaches
• Java: Four Server-based Approaches
• 6 Simple Steps to Disaster Recovery Planning
• Boost Productivity While Cutting Costs with Next-generation Collaboration
• Deploying Virtualized NetWare on Linux Whitepaper

View more SOFTWARE whitepapers

Webcasts

• Creating a high performance workplace with wireless networking
• Harnessing the power of communications to increase workplace performance
• Making data centers the IT strategic focus
• Protecting assets and employees with IP Video Surveillance
• Stay out of the headlines: Detecting and preventing network intrusions
• Managing the End User Experience-A Real World Example of Success

View more SOFTWARE webcasts

Special Reports

• Executive Guide: Virtualization Reality Check
• WAN Optimization: The Ultimate No Brainer
• Keeping Spam at Bay
• Application Performance Management Executive Guide
• Executive Guide: Building a Service Oriented Architecture
• IT Buyers Guide To: Collaboration

View more SOFTWARE special reports