VoIP telephony has become increasingly popular with business, predominately for the technology’s low cost, rich feature set, and increased level of portability. However, the internet-based nature of the technology can leave it susceptible to hacking and fraud, both of which can be detrimental to your operations, reputation, and bottom line. Premium route fraud, inbound toll-free abuse, black and grey routes, caller ID spoofing, and voicemail hacking are all threats the companies must address, particularly since attacks during off-peak hours may go undetected for significant periods of time. By instituting the right processes and procedures, you can decrease your odds of becoming a victim of VoIP hacking and fraud. Here are four tips to get you started.
1. Conduct Annual Audits
An annual security audit is essential if you operate PBX systems on public IP addresses. It gives you the opportunity to review your fraud controls to ensure they align properly with your current traffic patterns, allowing you to make adjustments that can protect your systems.
2. Implement Maximum Default Rates
Setting maximum default rates for outbound calls allows you to define use parameters, giving you the ability to block calls that fall outside a predefined scale. While some companies may fear this approach limits employees who may actually need to place a call, these can be customized based on your typical traffic patterns. Before implementing a maximum default outbound rate, review your normal traffic to identify a potential rate cap that won’t harm productivity. You have the ability to adjust the rate as necessary, so don’t be afraid to be fairly conservative initially, as this provides better protection against fraud than a generous buffer.
3. Add a Whitelist
By creating a destination whitelist, you can provide workers with additional flexibility, allowing them to bypass the outbound rate if they are contacting an approved destination country. Essentially, it gives you the ability to limit fraud by blocking calls to particular destinations if it surpasses a specific volume without harming your employees’ ability to reach out to contacts in approved nations. Alternatively, you can use a whitelist to prevent calls to any country that isn’t on the list, providing additional protection against potential fraud. This means your phone system can’t be used to contact specific destinations, regardless of the outbound rates. Typically, this approach is ideal if you only do business nationally or in a few countries, as any other call will be automatically blocked.
4. Use IP-Based Authentication
If your VoIP system uses a static IP address, then consider enabling outbound call IP-based authentication to create an additional level of security. This restricts outbound activities to internal IP addresses only, making an authorized network connection mandatory for completing outbound calls. Companies that have mobile users that log in from dynamic IP addresses may want to deploy a third-party tool to blacklist IP addresses that are deemed potential threats. These solutions can monitor logs to identify IP addresses with multiple failed password attempts and blacklist them as a security measure, effectively automating part of the process. And, should a genuine user be blocked by mistake, simply removing their IP from the blacklist can restore their ability to make calls. By following the tips above, you can take a proactive stance in the battle against VoIP hacking and fraud, heightening your level of security and mitigating the damage should an attack occur.
