Bitphone is a new VoIP service, a perfect tool to perform some social engineering calls, but why?
Bitphone is like a Payphone, the only difference is that in this case you need to pay it with bitcoins (it accepts around 40 types of bitcoins), what helps the anonymity part.
To be able to use the service, there is no need to register, and you can pay your call by transferring bitcoins from your wallet, all this using a QR code transfer, and when you deal it will show up as an Arizona number.
If you register (not mandatory), there will be one major advantage, you can make show up whatever CLI you want when calling, meaning that you can call yourself and the CLI can even be your own number. You can also do conference calls with 2 people.
Yet about the registration part, there are no email checks about the owner of the email.
The calls are cheap (as many services now).
Bitphone is owned by Solidcloud.io and they say in their terms and conditions, that you must not use this service unlawfully.
There were cases in the past in the UK where regulators closed services that spoof CLI, but since this one is in the US there is no problem (let’s see until when).
Think like a crook and imagine the possibilities behind a service like this one.
About the Author Elsio Pinto
Edited by Pierluigi Paganini
(Security Affairs – Bitphone, VOIP)
Security Affairs Malware newsletter includes a collection of the best articles and research on malware…
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles…
Chinese "kill switches" found in Chinese-made power inverters in US solar farm equipment that could…
FBI warns ex-officials are targeted with deepfake texts and AI voice messages impersonating senior U.S.…
Google warns that the cybercrime group Scattered Spider behind UK retailer attacks is now targeting…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium, DrayTek routers, and SAP NetWeaver…
This website uses cookies.
