Like any device that can be connected to the internet, VOIP phone systems are targeted by hackers to try and gain access to your company’s sensitive information.
In 2020, one in ten cyber attacks on UK companies targeted devices connected to the Internet of Things.
We explain what VOIP hacking is, signs that your system has been hacked and how to prevent hackers from gaining access to confidential data.
What is VOIP hacking?
VOIP hacking is a cyber attack on your business’ VOIP phone system that enables the hacker to listen to private calls and steal confidential details about a business and its customers.
VOIP hacking typically occurs when an employee accidentally provides a scammer with sensitive information.
Types of VOIP hacking
Distributed denial of service (DDoS): a DDoS attack attempts to disrupt the phone system by flooding it with traffic or target the VOIP’s router to take down the whole network. The aim is to make the system inaccessible or to act as a decoy while another type of VOIP hacking takes place.
Eavesdropping: eavesdropping attacks occur when cybercriminals listen in on unencrypted phone calls by hacking into the phone or network. This type of attack usually happens when an insecure network connection such as a Wi-Fi hotspot is used to connect to the phone system. Any data that is exchanged during the intercepted phone call will then be in the hands of attackers to exploit.
Toll fraud: if a cybercriminal infiltrates your phone system, they may make expensive international calls to other devices. Toll fraud attacks are usually carried out after employees have involuntarily given unauthorised access to the VOIP system.
Social engineering: attackers trick people into providing confidential information via a phone call or voice mail. Social engineering attacks rely on human interaction to make them work. Cybercriminals will often use fear, offers that seem too good to be true or urgency to convince people to give away personal details.
Signs that your VOIP system has been hacked
- Your phone bill has suddenly increased
Keep an eye on your phone bill. A common sign that a company’s VOIP system has been hacked and is being used by a cybercriminal is a rise in phone charges.
- There are unknown numbers in your call history log
Calls from unrecognised numbers, especially if they are international and frequent could suggest that you’ve been hacked.
- Usage of your phone system during weekends or off-peak hours
As a business, it’s unlikely that you use your phone during evenings and weekends, which could indicate that your system has been hacked.
How to prevent VOIP hacking
You can help prevent VOIP hacking with the right security features.
Create a strong password: passwords should be changed at least every six months and contain a minimum of 12 characters, at least one number, symbol, capital and lowercase letter. Avoid using dictionary words and combine random words instead.
Disable international calling: most VOIP hackers use your phone system to make expensive long distance calls. If you don’t need to make international calls in your business, protect it by disabling them and preventing anybody else from being able to make them.
Encrypt your conversations: if you’re making phone calls via the internet, they can be easily intercepted by hackers if they are not encrypted. You can encrypt your phone conversations via a VPN or VOIP software with built-in encryption.
Change your pin numbers regularly: as with passwords, pin numbers should be regularly changed to prevent cybercriminals from accessing them. Train employees on the importance of not sharing passwords or pin numbers with anybody and to avoid writing them down on paper.
Disable your phone’s web interface: a phone’s web interface is a vulnerable entry point for hackers. It contains access to the phone, network and call settings which are a prime target for cybercriminals who want to get into your phone system. Turn it off to protect your system and only turn it back on when you need to change settings.
VOIP security is vital to protecting your business and customers’ data. Our team can help you to ensure all of the right pieces are in place to protect sensitive information and keep your channels secure. Call us today to book your free IT consultation.