Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

The Inside Story of A Million-Dollar VoIP Scam

The $1 million scheme by a Miami man to allegedly defraud VoIP providers, and sell long-distance calls surreptitiously through their networks, was a surprisingly easy technical feat, and should give pause to providers and enterprises alike about how insecure voice services have become in a world where all calls will eventually be routed over IP networks.

Federal prosecutors charge that Edwin Andres Pena of Miami hacked into the networks of Internet telephone providers and fraudulently sold more than 10 million minutes of VoIP calls.

Pena allegedly sold $1 million of phone service to his customers at extremely reduced rates. But rather than buy long-distance minutes from existing providers to provide the service, he instead hacked into the networks of VoIP providers, and provided the minutes for free.

Here's how he did it.

Starting with a "Brute Force" Attack

  • 1