The scenario goes something like this: You’re a business owner. You run a fairly tight ship. Unfortunately, one month you open your phone bill to find an outrageous balance 6-figures above your normal monthly charges. The culprits – hackers – are long gone and you are stuck holding the bill. You have become the victim of VoIP fraud. Hackers have hijacked your system and used it to make thousands of fraudulent calls while running up an enormous bill in the process – all on your dime. Sadly, it is an all too common occurrence.
While protection from VoIP fraud has improved significantly through the years, the hackers are still out there and they are constantly coming up with new schemes and angles to break-in and reek havoc.
The good news is there are proven measures you can take to help keep your system safe.
For starters, make sure that your root password is secure. For instance, it is recommended that a passwords be at least 12 to 15 characters long with numerals, capitals and lowercase letters. Never use easy passwords such as 1234 or default usernames and passwords that are provided for you. You’re asking for trouble if you do. Also, you should change your password regularly to ensure it hasn’t been compromised.
Your system should always be behind a firewall. While some companies may feel they have valid reasons not to have a firewall, the pros and cons should be weighed carefully. It is a solid layer of protection your business should not be without. In addition, the firewall should be configured to only allow VoIP/IP access to pre-authorized IP addresses. This adds additional protection.
When dealing with remote management of your system or data exchange, use of Secure Shell (SSH) encryption is highly recommended. SSH encryption was designed to provide confidentiality and secure data transfer over an insecure network such as the internet.
If you are not completely satisfied with the security of your system there are additional measures that can be taken. Additional systems can be put in place to add yet another layer of protection. One approach is to add fail2ban. Fail2ban is an intrusion prevention framework with the main function of blocking IP addresses that are trying to breach a system’s security. Think of it as the bouncer standing outside your firewall – no creeps are going to get into your system.
There are a few fraud indicators that can allow early detection of the fraud. Some warning signs include:
- Calls to unfamiliar destinations
- Calls to high cost destinations, such as hotlines or special services
- High traffic during irregular business hours, like nights or weekends
- An unexplained spike in traffic volume or call duration
At AVOXI, we guarantee our customers there will be no fraud when they install one of our HOSTED PBX SERVICES. We know you have other worries than the security of your phone system. That is why we ensure there will be no fraudulent use of your system. Let us take care of the details so you can focus on what’s really important – your business.
Remember.. these are just a few of the steps you can take to avoid fraudulent use and abuse of your system. The reality is anything you can do to stymy a hacker is a step in the right direction. Every hurdle put in place, every new safe-guarding technology puts another layer between your business and VoIP fraud.