In recent months there has been an industry-wide increase of fraudulent attacks on VoIP customers. These attacks try to gain unauthorised access to SIP devices and IP PBX systems in order to make high-cost, chargeable phone calls through compromised PBX systems.
Due to the wide usage of IP PBX-based solutions by a large range of customers and existing security issues with different PBX’s especially Asterisk we kindly ask you to pay closer attention to such customers of yours or your own IP PBX environment.
Also 3CX IP PBX-es already has been compromised (read this for instance to instantly secure your 3CX PBX now: http://www.3cx.com/blog/releases/3cx-security-update-v9/ ).
These security issues can lead to big losses caused by “brute force” attacks and generating calls to extremely expensive destinations or premium numbers like Austria Premium, Somalia, Ethiopia, Sierra Leone, etc.
Calls to these destinations mostly take place during night time with unusually high ASR* (close to 90%) and ACD** (over 15 minutes) parameters.
Due to this and to protect our (and your) customers, XeloQ blocked certain problematic destinations but it is impossible to block all destinations because sometimes it are normal calling destinations.
If you make use of local PBX’s and use XeloQ to terminate your traffic, then make sure that your local IP PBX solution can’t be hacked.
Change all standard passwords and protect your environment with available tools and tighten your firewall rules and remote access to these systems.
More tips to make the use of your IP Telephony system more secure
- Clean up your PC and make sure usernames / passwords of your system and your customers’ SIP accounts are not stored in your email.
Your PC should be free and cleaned from viruses, Trojans, backdoors, keyboard loggers or other phishing methods to catch usernames / passwords.
- ……read more on our extended Dr. VoIP website………
If you have any comments or useful feedback, let us know. We will appreciate and it will help to make the world of Internet Telephony even more secure!
General information: http://www.XeloQ.com
Support Team XeloQ Communications
* ASR = Average Success Rate (of all made calls)
** ACD = Average Call Duration (of all made calls)