If you are in charge of a VoIP system or planning to deploy one, then VoIP security is probably one of your considerations. VoIP calling is a great way to field a high volume of calls without breaking the bank. However, many overlook the ways in which VoIP calls may be intercepted or tampered with.
To head off threats, consider using a hosted VoIP option like IPOne Complete from DoubleHorn. Transmitting calls through a secure hosting facility greatly decreases the risk of malicious attack. In addition, inquire about security before you enter into a service agreement with a hosting provider. They should be willing to outline their security practices.
Ultimately, hosting providers will go to great lengths to provide secure VoIP service. With premises-based systems, however, security is on you.
DoubleHorn takes security very seriously and takes many levels of precaution to ensure our networks are secure. Measures such as encrypting voice services, building redundancy into VoIP networks, locking down VoIP servers and performing regular security audits to secure the network. As with traditional IP networks, it is also important that VoIP equipment is properly locked down, placed behind firewalls, patched against vulnerabilities and frequently monitored.
- Phishing – This is a very common Internet security threat and often includes cybercriminals posing as banking institutions or email providers. Phishing scams are often placed via text, audio or SMS. Instead of taking every alert seriously, contact the banking institution directly (with the telephone number listed on bank statements, not the one listed in the phishing attempt).
- Audio Spam – This is very similar to email spam and accounts for approximately 10-percent of spam online.
- Call Hijacking – This is actually relatively sophisticated and is used by cyber criminals who take advantage of free WiFi hotspots. When someone makes a call on a WiFi hotspot, the cyber hacker can hijack the call and obtain sensitive information.
- ID Spoofing – This is when a cybercriminal makes calls but presents a different caller ID to the receiver. This can also affect regular traditional telephone calls.
- Call Tempering – This is not dangerous, just inconvenient. An attacker will simply strive to ruin the call quality by injecting annoying noise packets directly into the data stream. These attacks are not profitable and more of a nuisance, so they are not commonly employed by cybercriminals.
- Man in the Middle Attacks – This is most common when using an unsecured WiFi connection. The cybercriminal attempts to intercept the call and reroutes it through their servers, which ultimately gives them the ability to inject malware and spyware into the caller’s system.
- Malware – The effect is often indirect, but many computer software programs are vulnerable. In fact, this can be injected months in advance and activated once a VoIP connection is established.
- Eavesdropping – Just as with traditional landlines, VoIP users are at risk of someone eavesdropping. The data obtained while eavesdropping is usually used for identity theft purposes.
Hosted VoIP solutions are becoming very popular and are gaining ground in the SMB market. Hosted solutions relieve you from managing your own security with an onsite PBX system. Rest assured DoubleHorn takes all necessary precautions to prevent these infectious attempts. Contact us today for a free assessment and quote.