How to protect VoIP from scammers

How to protect VoIP from scammers

VoIP for Business provides a range of benefits, including substantial cost-savings that make it a must-have for most businesses.  However, as with most IT advances, VoIP has attracted the dark side of the developers.   Hackers and scammers are using VoIP for Business as a way to steal data and execute hacking exploits.

As with other types of malware attacks, business need to be aware of how these exploits are executed and what preventative measures they can take.

The first thing to understand is that most successful hacking attacks are by having users provide sensitive information. Scammers are becoming more sophisticated, and they are increasingly using VoIP to steal personal and company data or just cause mischief.

Here are some common types of attack and how to avoid them.

  1. Interception

    Interception

    An attacker can hack into your VoIP system to record business conversations.  They can then be  decrypted, sometimes in real time, to obtain crucial business or personal information.

    The first step is obviously to prevent hackers entering your VoIP system in the first place.  Change server passwords, and under no circumstances continue to use the manufacturer-supplied default passwords.

    Because your VoIP call is likely to be routed outside your network, protecting your calls from interception can be out of your hands.  If security is a major concern there are software tools that provide a second layer of end-to-end encryption.  Adding a second encryption layer makes it highly unlikely that calls can be decrypted in real time, and even when recorded calls are analysed offline.

  2. Hosted Services

    Hosted Services

    If you are using a VoIP Hosted Service supplier, you need to be very careful about the security they provide.  You need to be sure that they are as secure as you would be with an inhouse system.

  3. Firewalls and Security

    Firewalls and Security

    All companies already implement firewalls and security in their overall ICT infrastructure.   If you are concerned about security, it may be prudent to deploy a VoIP specific firewall that closes a VoIP session once the call is complete.  This prevents hackers piggy-backing on a session to find out information about your VoIP system.

    In a high-security environment, you may consider adding further layers of security, for example allowing only authenticated devices to make or receive VoIP calls.

  4. User Security

    User Security

    You can implement all the security technical features you like, but the majority of successful data breaches and hack attacks occur because of user error, deliberate or malicious.

    • Phishing

      Phishing

      In a phone-based phishing attack, the hacker calls a user and pretends to be from IT support or from a recognised company IT supplier. 

      In an attack on a user, they either quiz the user for personal information like credit card numbers, bank account details or information on family or friends.  Sometimes they claim to be from IT Support and need the user to go to a web-site, “to update their software”, and the malware finds its way onto the company network.

      Support policies applied by ICT need to ensure that all ICT maintenance functions are carried out by staff with verifiable credentials.  In any event, most ICT update functions can be carried out remotely without user involvement.

      Users need to be educated not to respond the requests by third parties to carry out maintenance tasks on their PCs and to refer the caller to IT support.

    • Fake Caller/Caller ID

      Fake Caller

      A phishing attack over a VoIP or cellular connection can be legitimised by having a caller-id that shows the call coming from a reputable source.   Unfortunately, caller-ids can be faked.  Users need to be very careful and verify that the caller is legitimate before divulging any potentially sensitive information.

    • War Dialing

      A carry-over from the dial-up modem days, a hacker sends out a phone message to hundreds of phone voicemail boxes, asking the caller to return a call. This legitimises the number and allows the hacker to carry out a phishing attack.

In short, VoIP defences have two components, technical appliance and software defences, and an education programme for users to make sure that they do not provide potentially sensitive information to a third party.   Obviously, electronic defences need to be kept up to date.  Users need to be educated on general and VoIP security on a regular basis.

Different type of VoIP services you need to know

Different type of VoIP services you need to know

The scope of VoIP Services has grown dramatically since they first appeared some years ago.  In size they are available from the Big Iron on-site replacements for the PABX to the small desktop-based software VoIP systems and in location from onsite to hosted.   In a similar way, the VoIP services offered have matured and grown in scope and applicability.

If we start with the assumption that VoIP is an essential for modern businesses of all sizes, then the question becomes what VoIP Services should a business consider.  What different types of VoIP services are there?

In essence, there are three types of VoIP Service: In-house, hosted and hybrid.Continue reading

Reasons why Cloud VoIP can help your Business

Reasons Why Cloud VoIP Can Help Your Business

The benefits that VoIP for Business can bring to your business are undeniable.  Add to that Cloud VoIP, hosted or on-site  and you have a winning combination that can add significantly to your business profile.

Depending on the size of the business, either implementation can be applicable.  However, having said that, a cloud-based approach can fit more easily with an existing cloud-based environment, either on‑site or hosted.

Before choosing a particular approach, it is best to consider firstly whether on-site or hosted VoIP is better suited to the business, and secondly, whether a Cloud-based architecture is appropriate.Continue reading

Five helpful VoIP guides for your Business

Five helpful VoIP guides for your Business

Thanks to digital convergence, Voice over IP (“VoIP”) business systems are commonplace in businesses worldwide. Most major Telcos, networking companies and many third-party suppliers provide VoIP for Business systems and services as part of their hardware and software repertoire.

As usual, you need to be careful before committing money and resources to a particular VoIP for Business solution by making sure you understand exactly what you want.    You need to consider the functions required of your VoIP solution and set them out in a wish-list.  Knowing your budget is also essential.  You can use these criteria to measure solutions and see how closely they meet your needs.Continue reading

The Ins and OUTs of Cloud PBX And Microsoft Skype For Business

The Ins and OUTs of Cloud PBX And Microsoft Skype For Business

One of the success stories of recent times has been the adoption of Digital Telephony by all sizes of business.  Large businesses have installed their own hardware and software, and small businesses tend to use Cloud PBX implementations, either in-house or hosted.

A more recent development has been the convergence of video conferencing with Cloud PBX implementations. Video calls using applications like WhatsApp and Skype have been around for some time, and have been used over the PSTN and digital telephone networks from both desktop and smart devices.  Since Microsoft bought Skype, introduced Skype for Business, and fully integrated it with the Azure cloud environment, it has become a major player in the Cloud PBX landscape.Continue reading

Four reasons why on-premise PBX will stay - for good

Four reasons why on-premise PBX will stay – for good

Many businesses have embraced digital convergence by replacing the traditional Telco supplied on-premise PBX with a digital PBX.  The positive benefits of the new features and functions of the digital business telephone system and sharply reduced call costs have proved too good to miss.  In many cases businesses have been able to reap the benefits of a digital business telephone system by moving to an external hosted solution managed by a service provider and moving away completely from the traditional Telco.  

There is a current debate going on about if it is better to use an on-premise PBX or an outsourced service provider.   There is no definitive answer, other than that for small businesses outsourced makes better economic sense, and on-premise is better for large business.Continue reading

3 simple tips on saving fees on International calls

3 simple tips on saving fees on International calls

The advent of Voice over IP telephony (“VoIP”) has radically changed the face of communications for both personal and business users.  It has opened up opportunities for enhanced, and substantially cheaper communications, especially for long-distance and international calls.  VoIP for Business has provided communications options that are not possible with a fixed line environment.

However, the prudent personal and business user needs to be vigilant to make the best return on their investment and achieve the lowest possible international call rates.

Here are three simple tips for personal and business users to make sure that they accrue the full benefit of cheaper international communications.Continue reading

3CX: A PBX System that doesn't break the bank

3CX: A PBX System that doesn’t break the bank

The case for moving to Voice over IP (“VoIP”) telephony is undeniable.  Cost savings, flexibility, and additional functionality are all major benefits of making the move.  However, for some organisations the cost of acquiring and installing a full-blown VoIP PBX System makes the move uneconomic.  There are alternative ways of having a VoIP PBX System that are easier on the budget, and not just by using some fancy financial footwork.

One way is to turn capital expenditure into operational expenditure by moving to a hosted PBX environment. 

In this scenario, you move your telephony to a third party who manages and maintains your PBX System on their equipment, on or off your premises. The only potential one-time costs of the move are any infrastructure upgrades and the supply of appropriate handsets.  In most cases, the handset costs can be included in the hosting charges.Continue reading

Six reasons why a business should switch to VoIP in 2018

Six reasons why a business should switch to VoIP in 2018

Unless you have been living on a desert island, you will have read in the media about Voice over IP (“VoIP”) Business phone systems and knowingly or unknowingly used one.  Why doesn’t your business have one?  Does the cost put you off?  Does the technology worry you?  Does the switch from the Plain Old Telephone System (“POTS”) to a digital Business Phone System worry you?

Here are six reasons why you should switch to a VoIP Business Phone System in 2018.Continue reading