As VoIP grows increasingly popular and necessary for today’s mobile business needs, security threats in its underlying technology becomes an important consideration.
In today’s interconnected digital world, we constantly hear about security threats. This can create a sense of digital paranoia and may lead to consumers assuming that all VoIP services are at risk. However, a commonsense approach is far more practical and businesses should stay informed about possible threats, which are similar to those presented by other modern technologies like computers and smartphones.
With that said, here are four common VoIP phone system security threats:
Phreaking is an old term that was coined to describe those who hacked traditional phone service with such things as “blue boxes” and other tools. As POTS improved, the phreaks moved to computer hacking.
VoIP systems use SIP (session initiation protocol) to control authentication. SIP encryption is rare. This can leave VoIP systems open to service theft as well as identity theft.
Service theft not only includes hijacking credentials to make free calls, but more and more as a way to gain access to valuable business data.
Phreakers commonly use eavesdropping as a tool to steal usernames, account numbers, phone numbers, and passwords which they then use to steal identities.
Most computer users are familiar with phishing scams and have become fairly adept at detecting them. Vishing is the VoIP equivalent. The calling party fakes a known organization and attempts to obtain confidential information. Consumers are slowly becoming more aware of vishing and deploying effective counter-tactics to help keep their information secure. A few methods to avoid vishing is to be suspicious of unknown callers. Don’t blindly trust caller ID, and never hand over sensitive information over the phone without first verifying the caller’s identity.
Just as with any internet application, VoIP utilization with software and softphones is vulnerable to viruses, malware, and worms. The systems are also exposed to malicious code on user PCs and PDAs.
Bad actors have attempted to bring all of the basic computer attacks to VoIP. SPIT is the acronym for Spamming over Internet Telephony. This particular tactic is fairly new, but as VoIP gains traction as a business and industrial tool, it’s growing.
VoIP accounts have a unique IP address. This makes it easy for the new “spammers” to send their voicemails to thousands of addresses as well. These voicemails clog voicemail boxes and frequently result in a degradation of service quality. In addition, many voicemails also attempt to obtain account numbers, passwords, or other sensitive information.
A number of tools are now being refined and developed to combat SPIT. Reliable VoIP providers will provide built-in security measures, such as round-the-clock monitoring.
Jive is ready to help you implement the system best suited for your particular business needs, as well as protecting it from possible VoIP threats. We offer an industry leading uptime, no contracts, and superior customer service.
If you are considering the switch from traditional landlines to a cloud-based phone system, contact Jive today for a free quotation.