Home Page »
Online Banking

VoIP Security

Are you a user of Skype™, Vonage or another service that utilizes VOIP? If you answered yes, have you taken the proper steps to ensure your communications are secure? The emergence of these new communication channels has provided easy access, cost-efficiencies, and convenience for individuals and organizations stay in contact with each other.

What is VoIP?

VoIP is a method for converting audio signals, such as the kind you hear when you talk on the phone, and turning them into digital data that can be transmitted over the Internet. Some commonly recognized VOIP applications and providers include:

  • Skype
  • Vonage®
  • OOMA®
  • Google Voice

Some VoIP service providers may only allow you to call others within their provider network; however, many allow calls to anyone - whether it is a local, long distance, international, another VoIP user, or mobile number.

Why VoIP?

VoIP continues to grow in usage and popularity as it provides convenience, cost savings through consolidated services, which eliminate additional phone charges, and ease of use. The integration of video and audio applications through VoIP is also appealing to consumers as it offers the advantages of multiple technologies in a single platform. In addition, wireless "hot spots" in locations such as airports, parks, and cafes allow a patron to connect to the Internet and utilize a VoIP service wirelessly, which provides convenience.

VoIP Concerns

As usage of these applications evolve, the potential for security exploitation increase as criminals attempt to capitalize on weaknesses associated with this technology.

- TOLL FRAUD

Toll Fraud results when a hacker compromises a VoIP account and uses the account to make calls or resell calls. Weak usernames and passwords are the easiest way for a hacker to gain access to your account. Anyone using VOIP plays an important role in protecting their VoIP accounts by applying security best practices.

Weak Usernames & Passwords

As stated earlier, the most common threat to VOIP users is the use of weak usernames and passwords on their accounts. Weak passwords are one of the first things a hacker will test for when they are looking for an account to compromise. The use of birthdays, pet names, city names, and other easily guessable information can quickly lead to the compromise of your account, allowing the hacker to use your account for long distance calls or perhaps even more nefarious deeds.

- EAVESDROPPING

Hackers can potentially eavesdrop on VoIP conversations by intercepting the VoIP data. While eavesdropping on telephone conversations is a risk for landline and mobile users, it is much easier to access an IP network conversation. Eavesdroppers don’t need to physically put a wiretap on a phone line; they can simply hack in via a laptop loaded with the right tools connected to the Internet in order to gain access.

WHAT YOU CAN DO

As VoIP becomes more popular, users need to be aware of the security threats in order to maintain good phone service and minimize vulnerabilities. As with computer and internet security practices, VoIP users must take the proper precautions to ensure their voice communications are safe and provide the cost savings they expect. To secure your systems against potential threats, employ the following security measures:

  • When selecting a VoIP provider, ensure that they take security precautions and use high-tech firewall installations on their hosted VoIP equipment.
  • Install anti-virus programs on your own computer and keep them updated.
  • Change any default passwords, and use strong usernames and passwords.
  • Ensure you apply security patches to the VoIP application as well as any VoIP routers, switches and firewalls on a regular basis. See the vendor website for each product as needed.
  • Ensure you apply security patches to the VoIP application as well as any VoIP routers, switches and firewalls on a regular basis. See the vendor website for each product as needed.
  • Check your billing statement with care as unusually high charges may signal a hacker may be committing toll fraud on your account.
  • Be highly suspicious of messages directing you to call and provide credit card or bank account numbers.

If you would like additional information or would like to get involved with a group concerned with VoIP security, you can contact VOIPSA (Voice over IP Security Alliance) at http://www.VoIPsa.org/ . VOIPSA is a collaboration of VoIP and Information Security vendors, providers, and thought leaders. Their mission is to drive the adoption of VoIP by promoting the current state of VoIP security research, VoIP security education and awareness, and free VoIP testing methodologies and tools.

These helpful tips are provided by Digital Defense, Inc., a computer security company working with your credit union as a responsible member of the community to help insure the privacy and security of our nation's financial information.

© SAFE Credit Union. All Rights Reserved.
Protecting your privacy is our top priority. Please refer to our Privacy Statement for more information.