Protecting Your Business Against SIP Fraud

Is SIP trunking fraud preventing you from upgrading your phone lines? Here we talk about SIP trunking and ask if it really is a hacker’s dream…

In order for a business to stay current and efficient moving forward, SIP trunking is essential. Not only can it provide location independence (allowing for calls to be made anywhere), but its cost savings equate to 40% on average.

However, whilst higher quality and cheaper to sustain, SIP trunking is often subject to hacking and fraud, which can result in your company incurring costs via surprising phone bills. Why is this happening? And what are some of the precautions that can be taken in the future to prevent it? And is it actually less or more secure than traditional ISDN?

What is SIP fraud and why is it a problem?

In layman’s terms, SIP trunk fraud is when an outside intelligence or third party manages to access a company’s telephone system connected via a SIP trunk. From here, the hacker can make multiple outgoing calls, often to mobile devices in other countries to build up the largest charge possible.

In a similar way to how a company would protect their computer systems connected to the internet, they must also ensure that their telephone system is protected against IP attacks or the results could be expensive. A cost not covered by the SIP trunk provider, it is particularly important that the company takes the following steps to stay satisfied with this modern alternative to the ISDN line.

Steps your business can take in order to prevent possible SIP fraud

• Passwords: Changing the default passwords provided with the phones systems is important, as well as altering passwords upon an employee leaving the company. Password changes over certain time periods (Quarterly, monthly etc.) can also provide helpful in staying safe.
• Calls after hours: Locking calls made after the times in which the company operates is a smart move, as any outside parties attempting to make attacks will be restricted to working within certain times.
• Call monitoring: Analysing the call patterns made via the systems on a regular basis will be beneficial, as they will allow a company to review activity on the line, and possibly highlight outside activity. Monitoring can include reviewing call length, the cost of calls, volume of calls and duration of calls.
• Credit limit: If a company operates on a post-paid account, an agreement can be reached with the provider to block calls made after a certain monthly budget has been reached. This may be difficult for a company to calculate, but it is a possible option.
• Call barring:  Setting call barring rules will allow a company to block out any number prefixes, not allowing calls to be made from or to unfamiliar numbers.
• International call restriction: Blocking calls made to international destinations can ensure that large phone bills aren’t apparent at the end of a month. If international calls are required within the company, password systems can be applied to their use.
• General access limitation: Inflated costs can sometimes be prevented by ensuring that employees within the company are only able to make the calls they need to, rather than allowing free reign within.

Let’s not forget that traditional phone system and phone lines are also open to attack; this is nothing new. For businesses hesitant to upgrade to SIP we can promise that it is just as secure – if not more secure than traditional voice services.

With anything that we are smart enough to build, there will always be people even smarter to compromise them. PBX phone systems are at risk of being compromised just as much as VoIP solutions or hosted business telephone systems which are located off-site.

Like any computer system or software, SIP trunking can bring some security issues but so can a traditional telephone system. For example, this story demonstrates a PBX hack resulting in a loss of $50,000. There are steps you can take to secure any phone system, and each brand and service provider will have their own security measures.

With any of our SIP trunking solutions, we can offer sound security advice to ensure that your voice service is never compromised. By following the steps here and by talking to the experts, you can benefit from secure SIP trunking services.