Precautionary Suspension or Call Restriction of VOIP Service Due to Security Compromise
- OSS/BSS Answers
- App Model - Organization Management
- App Model - Communication Apps Answers
- License Model - Organization Management
License Model - CPaaS Solution Answers
Phone System - Admin Guide Phone System - End-user Guide Mobile App Desktop App Web Phone Auto Attendant - Admin Guide Developer Hub - Admin Guide Microsoft Teams Operator Connect - Admin Guide Microsoft Teams Direct Routing - Admin Guide Contact Center - Supervisor Guide Contact Center - Agent Guide Omni-Channel SIP Trunk CPaaS - SIP Trunk CPaaS Fax Contact Dashboard Campaign File Explorer
- Integrations Answers
- Updated Regulations
- Ideas Portal
Table of Contents
What is a Precautionary Suspension/Restriction?
We are committed to maintaining the highest standard of security to reduce the risk of credit fraud through your VoIP service. If we detect suspicious behavior on your SIP account we will suspend the service, and send you an e-mail as soon as possible to notify you of the possible security compromise as well as the suspension.
In some cases, we might not suspend the account totally but restrict your call via destination or via your IP only.
What Constitutes a Security Compromise?
We have sophisticated systems in place that automatically detect unexpected patterns of call activity and common techniques used by fraudsters. Once our system has identified your SIP account as being compromised, we will take action to limit any damage if any.
What Should I Do If I Am Suspended or Have my Calls Restricted?
Counter-check the usage history in your account to determine whether the calls were legitimate or not. Be on the lookout for consecutive calls that overlap each other, a great number of international calls to unfamiliar destinations, and repeated calls to the same number. If you have determined that your call usage history is genuine and that is no suspicious activity, email us or call our Support Lines during business hours to request for an un-suspension.
If you believe that your SIP account or PBX has been compromised, it is important that the cause of the compromise is found and fixed before requesting to resume the SIP service. We have the right to suspend you again should it happen in the future. By requesting to unsuspend your service, you are accepting the risk that there may be further exploitation and you will be liable for any charges as a result of future security compromise.
How Can I prevent Future Security Compromises or Fraud?
Compromised SIP accounts are the result of either an attacker gaining your SIP credentials (SIP Details and password) or them attacking equipment (PBX) on your network itself. The first step would be to Change your SIP password immediately and reconfigure your device with the new password.
Some hardware equipment such as PBX used to handle SIP calls may have weak security settings by default.
Malware and Trojan Horse attacks can also compromise SIP services. Ensure that firmware and software are up to date on all machines and devices on your network. Watch out for malware and Trojans hidden in your computers.
Most importantly, contact the provider of your PBX solution and discuss the problem, and ensure that a firewall is used to block all but the essential ports. Change all passwords for machines, your wireless network, and other devices.
Besides this, change your account password regularly and do not share it freely especially via email.
*The security of your network is your responsibility. We cannot ensure that your network and the devices attached to it are secured.
How Do I Use the Security Features with SIP?
Do take note that this does not solve the root of the compromise (it is still compromised) or hacking which must be solved in consultation with your hardware or network provider and is only used as a last measure to stop the calls from going through.
However, please ensure to activate either the IP Whitelist or the Country Whitelist
1. IP Whitelist
The IP whitelist defines the IP addresses which can make calls via SIP. When a SIP call is made, the IP whitelist identifies the IP address of the person making the SIP call. If the IP address is recognized as belonging to the company the IP-PBX is registered to, the call gets through. A hacker would be unable to successfully make his call because his IP address would be recognized as unauthorized, and thus the call gets rejected.
Every company can select the countries it intends to make calls to, and specify these in their account settings. This list of countries is the country whitelist. Hackers beware because any attempts to make overseas calls to countries outside the country whitelist will be blocked.
|IP White List
|Country White List
|Based on Information
|Device’s Source IP
|Destination (Dialed Number)
|“The number you are calling is currently unavailable, please try again later”
|“Destination country is blocked”