Digium, the original creator and primary developer of Asterisk, released a security advisory (AST-2008-003) in March 2008, which contains the information necessary for users to configure a system, patch the software, or upgrade the software to protect against this vulnerability.
If a consumer falls victim to this exploit, their personally identifiable information (PII) will be compromised. To prevent further loss of consumers' PII and to reduce the spread of this new technique, it is imperative that businesses using Asterisk upgrade their software to a version that has had the vulnerability fixed.
Further, consumers should not release personal information in response to unsolicited telephone calls. Providing your PII will compromise your identity.
"As with all types of scams, whether by computer, phone, or mail, using common sense can protect you," said Special Agent Richard Kolko, chief, National Press Office, Washington, D.C.