Voice over Internet Protocol (VoIP) phone systems allow users to make and receive calls using the internet instead of traditional phone lines. This presents many advantages ranging from better call quality to lower costs. However, VoIP also has several disadvantages, one of which is that hackers can use VoIP phones to gain access to an organization’s servers and data through a type of fraud known as VoIP theft of service.
What is theft of service?
VoIP theft of service is the most common type of VoIP fraud. At its most basic level, it involves the theft of your organization’s VoIP account credentials, including usernames and passwords, either by eavesdropping or by introducing malware into your system. Once cybercriminals gain access to your account, they can freely make phone calls or change your call plans, running up your VoIP bill.
In addition, cybercriminals may use the stolen data to carry out other fraudulent activities. They can also use theft of service to flood your VoIP network with promotional calls similar to junk email via an attack called spam over internet telephony, or SPIT. Once they infiltrate your communications network, they might broadcast unsolicited messages or advertisements over your VoIP system. This keeps users from making or receiving calls, which can have a significant impact on your business’s operations.
How can you avoid theft of service?
Preventing VoIP theft of service simply requires using a little common sense and implementing some technical preventive measures.
- Make your passwords as secure as possible. Passwords must be 8–12 characters long, consisting of a combination of upper- and lowercase letters, numbers, and symbols. For added security, use passphrases, which are sentence-like strings of words. They’re usually longer than passwords, easier to remember, and more difficult to crack.
- Install firmware patches for your VoIP phones and infrastructure regularly, and keep your antivirus software up to date.
- Use fraudulent call routing detection and encryption software.
- Set up an enterprise-grade virtual private network (VPN) for employees working from home. A VPN encrypts incoming and outgoing traffic without compromising call quality.
- Review your organization’s call logs for any unusual trends or behavior, such as higher-than-usual call volumes or calls made during off-hours.
VoIP is an essential business communication tool, so it makes sense to understand what theft of service is to avoid its impacts on your company’s operations. For more information and useful tips on how to keep your VoIP system secure, drop us a line today.