VoIP is a hot technology for enterprise communications, but it is also a hot communications technology for consumers. Vonage has been around for years. Most cable TV providers have added both broadband Internet service and VoIP phone service to their product inventory and offer bundled pricing that make it more cost effective for consumers to purchase all three from the one provider.

Of course, free is good too. Skype was one of the first to emerge as a free voice over IP communication tool. Over the years it has evolved and actually provides a pseudo-unified communications and pseudo-social networking experience in addition to the voice communication. In fact, for some small and medium organizations Skype has been embraced as a communications tool in the enterprise as well. Google got into the game more recently with Google Voice. By virtue of being Google, their product has become somewhat of an instant success as well.

Recently a researchers at Secure Science demonstrated methods they have discovered that allow them to listen to or hijack Skype and Google Voice calls. The attacks could be used to launch a 'botnet' style VoIP attack, harnessing thousands of compromised VoIP accounts to make spam telemarketing calls that can't be traced. An attacker might also be able to lure a user into surrendering sensitive information such as credit card or social security numbers. The attacks are different for Skype and Google Voice. You can learn more about the details from this PC World article.

Google responded quickly and worked with the researchers to address the weaknesses in their system and improve their authentication process to prevent the attack. Kudos to Google. The attacks spotlight some of the issues with VoIP though. I know it seems sort of 'broken record' but consumers and enterprises alike are adopting VoIP for all of the benefits it can provide with no regard for the security concerns that come with it. They take for granted the relative security that traditional phone communications have enjoyed and forget that when you move voice communications onto the data network it becomes subject to many of the same risks and threats while also creating whole new risks and threats that didn't previously exist.