The warning concerns Asterisk software that is used to integrate PBVX phone exchanges with VoIP systems.
A vulnerability exists in versions 1.2 and 1.4 that would allow scammers to spoof calls over VoIP and harvest personal information from callers.
The current version of the software, 22.214.171.124 has fixed the flaw and companies running the software are being urged to upgrade.
Recipients of VoIP calls are also being warned to check the identity of callers.
“As with all types of scams, whether by computer, phone, or mail, using common sense can protect you,” said Special Agent Richard Kolko, chief of the FBI’s National Press Office in Washington, D.C.
FBI warns of vishing threat
By Iain Thomson on Dec 11, 2008 1:56PM