Voice over Internet Protocol (VoIP) is a type of phone system that connects to the internet to make calls, instead of the typical landline or mobile network. Many businesses have began implementing a VoIP system and for good reasons. VoIP systems see lower costs, higher call quality, portability, softphone flexibility, and it supports better multitasking. There are a variety of different benefits associated with implementing VoIP, but did you know they are at risk of theft of service?
Here is what you should know about VoIP theft of service and what actions you can take to to reduce the risk of this happening to your business.
What is theft of service?
The most common type of fraud we see with VoIP is theft of service. Theft of service deals with a person stealing your business’s credentials such as usernames and passwords through eavesdropping or malware introduced into your company. Once threat actors have infiltrated your system, they now have the ability to make calls on your system, change your call plans that will increase your bills, and other malicious activities known as “subscription fraud.”
Furthermore, cybercriminals can use the stolen data to perform other fraudulent activities. They can use this type of attack to flood your VoIP system with advertising calls similar to spam or junk emails known as Spam over Internet Telephony or SPIT for short. Once they have gained access into your system, they can begin to put out unsolicited calls. These spam calls can have a serious impact on you VoIP system as you may start to experience dropped or missed calls, lower quality of calls, and difficulty in making calls to others which will directly affect your day-to-day operations.
How can you avoid theft of service?
There are some preventative measures you can take to ensure your business is implementing good cybersecurity practices that will help protect you from threats like theft of service:
- Implement a strong, company-wide password policy. Passwords should be complex and you should avoid password sharing through communications platforms. It also helps to include a range of different characters such as numbers, letters, or other special characters making your password unique and hard to guess. We also recommend you use different passwords on different accounts. Using one, universal password makes you vulnerable to have all your other accounts hacked in the event that one is infiltrated.
- Make sure to regularly install firmware patches for your VoIP phones and infrastructure, and keep your antivirus software up to date.
- Use fraudulent call routing detection and encryption software.
- Set up an enterprise-grade virtual private network (VPN) for employees working from remote locations. A VPN is a great tool because it encrypts incoming and outgoing traffic without compromising call quality.
- Monitor your business’s call log to make sure you are not receiving an increase in the number of spam calls. Check to see if your see an increased frequency in unknown numbers and look to see how long the calls are lasting.
Other preventative measures:
Another recommendation we strongly encourage is 1) finding a hosted phone service that is reliable and trustworthy such as SkyCom. SkyCom is a phone service company specializing in providing Chicago businesses with reliable hosted phone systems such as VoIP, at an affordable cost. 2) We recommend finding a managed service provider (MSP) near you to monitor your cybersecurity needs to ensure your company is taking the proper preventative measures.
VoIP is an essential business communication tool, so it pays to learn about and set safeguards against theft of service to avoid its impacts on your company’s operations. For more information and useful tips on how to keep your VoIP system secure, drop us a line today by clicking here.