Spam over Internet Telephony (SPIT)

  IT Threats, Voice Threats   -  

Spam over Internet Telephony (SPIT) is like just superfluous e-mail. Although latter is better known as SPAM, the former is known as Voice SPAM. SPIT can cause a major aggravation to IP Telephony administrators and users alike since spam calls are disruptive to business. The main reason SPIT is becoming popular is that it is cost-effective for spammers. As you know, legacy PSTN-call spam already exists in the form of telemarketer calls. Although these calls are annoying, they do not arrive in the same kind of volume as email spam. The difference is cost; it costs more for the spammer to make a phone call than it does to send email. This cost manifests itself in terms of the cost for systems that can perform telemarketer calls, and in cost per call. However, the cost is dramatically dropped when switching to SPIT for many reasons: low hardware cost, low line cost, ease of writing a spam application, no boundary for international calls, and so on. Additionally, in some countries, such telemarketing calls over the PSTN are regulated.

SPIT can lead to busy PSTN channels, high processing load on the PBX and voicemail and endpoints (IP Phones) unable to answer calls. There are a different type of VoIP spam, IM spam:

Mitigation

The Cisco approach to address this thread is Malicious Call Identification service (MCID). MCID is a service by which a user that has received a malicious call from another network, typically the PSTN, may initiate a sequence of events that immediately notifies the on-net person (CUCM System Administrator), flags the on-net (CUCM cluster) Call Detail Records (CDR), and notified the off-net (PSTN) system or service provider of the malicious nature of the call to allow the off-net system to take actions, such as notifying legal authorities. This feature is supported in IOS gateways that terminate PSTN links.