Connect with us

VoIP

VoIP Hacking: How To Avoid It And What To Do In Case Of An Attack

Published

on

What must companies and SMEs do in case a VoIP hacking happens, and at the same time, maintain security to avoid possibilities of hacking

Most businesses around the world have decided to shift to VoIP (Voice over Internet Protocol) technology from their traditional landline services. Not only that VoIP saves them money from exorbitant call charges, but it also opens up to a massive plethora of features and adds on that they can enjoy.

But there’s a problem. Since VoIP communication uses your internal network and the internet, it is still hackable.

Several sources have reported that hackers are after business data that may include financial information of your company or your customers. Hacking into voice calls and voice mail is also a profitable enterprise. Credit card numbers and other personal details are often exchanged verbally during everyday voice conversations.

New York Times reported an incident where an architecture firm, with only seven employees, ran up a $166,000 phone bill in a single weekend.

“Hackers sign up to lease premium-rate phone numbers, often used for sexual-chat or psychic lines, from one of the dozens of web-based services that charge dialers over $1 a minute and give the lessee a cut. In the United States, premium-rate numbers are easily identified by 1-900 prefixes, and callers are informed they will be charged higher rates. But elsewhere, like in Latvia and Estonia, they can be trickier to spot. The payout to the lessees can be as high as 24 cents for every minute spent on the phone,” NY Times reported.

“Hackers then break into a business’s phone system and make calls through it to their premium number, typically over a weekend, when nobody is there to notice. With high-speed computers, they can make hundreds of calls simultaneously, forwarding as many as 220 minutes’ worths of phone calls a minute to the pay line. The hacker gets a cut of the charges, typically delivered through a Western Union, MoneyGram or wire transfer,” they added.

But, VoIP hacking is preventable and mitigable. Let’s explore how can a business protect itself from VoIP hacking and what to do when an attack is happening.

HERE’S WHAT TO DO TO PREVENT VOIP HACKING:

  1. Check the configuration religiously of your network and make sure protections are in place. These can include firewalls and intrusion prevention systems.
  2. Have a strong two-factor authentication for administrative access to your network.
  3. Always update network systems.
  4. Separate your voice and data systems.
  5. Establish a Session Initiation Protocol (SIP) to encrypt the signal as it travels through your network gateway.
  6. Control access by requiring secure authentication by everyone using the network.
  7. Encrypt voice conversations that may contain financial or personal information.
  8. Limit what kinds of calls are allowed on the network (by device, by user, and by other restrictions — such as time of day)

HERE’S WHAT TO DO IN CASE OF A HACK:

  1. Take action immediately. Within the first 24 to 48 hours you need to determine what part of the network was compromised and what information might have been stolen.
  2. Turn to your VoIP provider to help you determine where the threat resides and how to block that part of the network so it is safe until you can implement a fix that will prevent further breaches.
  3. Use the response plan you prepared to know which steps to take next. It should include what to tell employees, your board of directors, partners, or investors. If private customer data is breached, you also need to tell your customers, law enforcement, and regulators. If your business is in the financial or healthcare sector, other compliance steps may be required.
  4. Rely on professional help to restore your business operations, whether by restoring data from backups, adjusting firewalls, blocking IP addresses, or reimaging corrupted machines.
  5. Instruct all users to change every password.
  6. Understand what went wrong and how to prevent that action or situation from happening in the future.

Now that you have an idea of what VoIP hacks are, what they cost, how to prevent them, and what to do in case of an attack, you have to let your entire organization now about it as well. Awareness of it can help your company avoid unnecessary charges and keep an unblemished reputation. /apr

A Consumer Tech and Cybersecurity journalist who does content marketing while daydreaming about having unlimited coffee for life and getting a pet llama.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Cybersecurity

Boost Mobile Disclosed Credential Stuffing Attack Two Months Post-Breach

Published

on

Boost Mobile suffered from a credential stuffing attack but they only notified users two months after.

The rise of the internet has helped businesses in countless ways, especially in terms of communication. One of the innovations that have revolutionized industries and opened new opportunities to millions of small and medium enterprises (SMEs) is the VoIP or Voice over IP. The technology allows businesses to make and receive calls using the internet, which is practically a lot more inexpensive than traditional telephone lines.

However, as VoIP operates through the world wide web, technology is also vulnerable to cyber attacks. This is evidenced by what happened to Sprint-owned virtual mobile network operator Boost Mobile when they were targeted by a particular cyber attack.

The alarming part of what happened to Boost Mobile is that they failed to alert their users immediately after they found out that their data were breached. According to a recent “quiet” announcement, Boost Mobile suffered from a data breach two months ago that allowed hackers to access some user accounts.

“Boost.com experienced unauthorized online account activity in which an unauthorized person accessed your account through your Boost phone number and Boost.com PIN code,” said the notification. “The Boost Mobile fraud team discovered the incident and was able to implement a permanent solution to prevent similar unauthorized account activity.”

According to the notice posted on the Boost Mobile website, the said breach occurred on March 14th, 2019, but it seems that they only notified their customers and disclose information about the breach two months after they discovered the cyber attack. According to the notice, the breach resulted in several customer phone numbers and PIN codes being exposed.

No information was also disclosed regarding how many people are affected by the current breach. But the company notified California’s attorney general regarding the incident, means the number of victims could be more than 500.

Note: Legislations in California require businesses to inform the attorney general whenever a data breach affecting 500 or more people.

While the company kept mum on the number of victims, they, however, was able to confirm that the data breach was a consequence of a targeted attack.

“The Boost IT team identified unusual activity on a page of the Boost.com website, blocked access and not long after implemented a permanent solution,” said the spokesperson. “Customers’ credit card and social security numbers are encrypted and were not compromised.”

The notification also noted that the hackers used the phone numbers and PIN collected from the breach in accessing customer accounts in the Boost Mobile website. These codes can be used to alter account settings. Hackers can automate account logins using lists of exposed usernames and passwords — or in this case phone numbers and PIN codes — in what’s known as a credential stuffing attack.

Credential stuffing attacks have been designed by hackers to be completely automated, making use of extensive collections of stolen credentials bought from the black market to be able to brute force their entry to a computing system. Other several companies have been attacked by this type of modus operandi as well. Credential stuffing attacks have also infiltrated the networks of other popular brands such as TurboTax, Dunkin’ Donuts, Basecamp, and Dailymotion in the first quarter of 2019.

A similar incident also happened to the popular Japanese clothing brand UNIQLO, when a credential stuffing attack also compromised data of almost 500,000 customers. Nearly half a million accounts have been compromised as the internal server of the famous Japanese clothing brand, UNIQLO, has been breached, according to a notification sent out by the company today.

The announcement states that the UNIQLO Japan and GU Japan online stores have been hacked and third parties were able to gain access to 461,091 customer accounts following a credential stuffing attack on their servers.

According to the notification that the company sent out to the affected accounts, the credentials stuffing attack, which led to the data breach, took place between April 23rd and May 10th this year. However, the number of compromised account could be higher because the investigation is yet to be concluded.

“While the number of incidents and circumstances may change during the investigation, Fast Retailing is today providing notice of the facts as determined at present, and the company’s response,” says Fast Retailing.

Meanwhile, Boost Mobile said that they have already sent temporary PINs to affected customers via a text message. It is still unclear whether the two incidents were related or not.

Continue Reading

Our Voice

RingCentral VoIP Review

Published

on

We reviewed RingCentral's VoIP offers

VoIP has had a significant shift from a technology exclusively used by the early adopters or hobbyist to a widely adopted business form of communication. The industry expects an annual growth rate of 3.1% between 2019 to 2024 with a value ranging from 77.4 million USD in 2018 to 93.2 million USD by the end of 2024.

Undoubtedly, the business is exponentially growing at a breakneck pace, and VoIP providers are flocking in, offering packages that may or may not fit to what your business goals are. Hence, with our continued interest of unraveling the best VoIP provider, we are going to review key players in the industry and showcase opinions that will help businesses to determine solutions that work.

RingCentral Review

When it comes to the VoIP race, RingCentral is one of those providers that you won’t miss out not to mention. Aside from its flexible pricing offers, the company has established a solid foundation in catering the communication needs of small-time businesses and large enterprises.

RingCentral was founded back in 1999 by Vlad Shmunis, and since then, the cloud-based company introduced new ways to connect and collaborate remotely. For almost 20 years of providing VoIP services, RingCentral has significantly banked on its easy VoIP setup, competitive prices, and cloud-based management system. In a sense, the VoIP provider established itself as one of the big names in the VoIP market.

Pricing

RingCentral Pricing Offers

As previously mentioned, RingCentral offers versatile and relatively competitive price packages. RingCentral starts things off with their Essential Plan that costs $19.99/month, which is suitable for small-time businesses with less than ten employees. The package supports up to 10 users with a four-person limit on its audio and video meeting feature.

The Essential Plan unlocks RingCentral 24/7 customer support lines and offers unlimited phone calling, 100 toll-free minutes, customer management and phone service administration, and other basic features necessary for small-time businesses.

The next tier that RingCentral offers is the Standard Plan which costs $24.99/month. The $5 difference from its Essential package provides businesses with a little more space to work with, especially with its zero-limit on the number of users. However, video and audio conferencing are still limited to four people at a time.

The RingCentral Standard Plan doesn’t have much of a difference from its Essential plan, aside from getting 1,000 toll-free minutes per month. Further, the package credits you the same basic feature with a multi-level auto attendant that works as a virtual receptionist for routing calls to the right department. The Standard Plan also credits you internet fax and call log support that will come in handy during end-of-the-month business reporting.

If you think the previous offerings are small enough to fit your business needs, RingCentral has a Premium plan that costs $34.99/month. The package poses a vast amount of support for your business such as multi-site support, custom app development and deployment, and SalesForce, Zendesk, and Desk integration. The RingCentral Premium pushes the audio and video meeting limit to 100 people with toll-free minutes of up to 2,500/month. You’ll also get Voicemail Transcription to Text support which converts voicemails to text for easy documentation.

The last tier that RingCentral offers is the Ultimate Plan for $49.99/month. The package provides the same amount of support as the Premium but boosts the number of minutes to 10,000 and the audio/video meeting bandwidth to 200 people.

How It Works?

Before starting things off with RingCentral, the first thing you need to know is if the service or the package fits your business goals. If the answer is yes, then there are two ways in installing RingCentral; its either you use your existing phones, or you purchase new equipment from RingCentral themselves.

If you opt to use your current desk phones, installing RingCentral is as easy as plug and play. Just plug your phones and computers to the internet jacks and install the RingCentral app to your employees’ smartphones. After installation, you’ll get to enjoy all the features based on the RingCentral package you opt to choose. And, since RingCentral is cloud-based, you can use its dedicated app for all your voice calls, faxing, audio/video conferencing needs.

With RingCentral’s plethora of features, you don’t have to rely on your traditional phone lines to handle all your business communication requirements. You’ll get competitive management support, technology-forward IVRs, relaxing hold music, call management, and other basic features put in place so that you’ll never miss a call again.

Comparison and Contrast

RingCentral is indeed one of the top tier VoIP providers in the market today. Its call management feature that enables businesses to customize their ways of communicating is one the best qualifier for RingCentral. You’ll get call forwarding on the go with easy deployment based on your business or department’s answering rules. You can easily configure automatic call recording and convert them to text for easy documentation. You’ll also enjoy auto attendant, a feature that directs calls on the right department, to ensure that all requests go to the right person and provide solutions at first touch.

However, comparing RingCentral to other VoIP providers, there are noticeable differences that one cannot just disregard. Let’s use Nextiva for example. Nextiva is also one to the leading VoIP players today, and statistically speaking, Nextiva is a highly-acclaimed cloud-based software provider with 99.99% reliability rate across NYC to Seattle.

Nextiva Pricing Table

Nextiva’s VoIP plans provide consumers more flexibility at a more cheaper rate. For $20, Nextiva’s Basic Plan equates to RingCentral’s Standard Plan with more added features. You’ll get additional support such as Advance Call Management and number porting for free.

Nextiva’s Pro Plan steps the notch even higher. You’ll get a customized greeting feature that works significantly in building your brand. Furthermore, you’ll receive Text Messaging support that enables you to connect with your team and customers at your own pace and desire. Limitation towards the number of people allowed for conferencing is not much of a concern within Nextiva’s VoIP packages. In a sense, you’ll get more added support at a price relatively cheaper than what you get from RingCentral.

When setting up Nextiva, you can opt for Nextiva’s professional installers to set up your VoIP lines for free. Through this installation method, you’ll get to work with Nextiva on how you want to customize your VoIP solution. This method also eliminates common installation failure. But, with regards to the accessibility of installing Nextiva’s VoIP, you’ll get the same amount of convenience RingCentral offers.

The Verdict

RingCentral is, without a doubt, a competitive VoIP provider. However, the limitations on specific price plans are very concerning. Its Essential Plan lacks mobility and essential features like auto attendant and automatic call recording that are necessary for today’s business needs; unless you pay $15 more to employ such elements.

While, if you compare it to companies like Nextiva, who are offering relatively the same or more amount of features on its basic plan, it enables businesses to manage communications with more flexibility without paying more than it should be. And, with today’s competitive market, getting extra elements at a price lesser than the other, is a motivational factor to choose Nextiva aside from RingCentral.

More importantly, in choosing your cloud-based solution, you should understand what your business goals are, and see if the provider offer such features. Don’t just settle with prices, and pick a solution that enables you to manage your calls and business needs on a much broader scale.

Continue Reading

VoIP

Lawmakers Are Fed Up With Robocalls And They Want An End ASAP

Published

on

New laws being deliberated and proposed to curb the robocall problem.

The problem of the ballooning cases of robocalls in the United States is so undeniable that legislators are on haste to pass a new law that would potentially put an end to the annoying nuisance of unwanted and spoofed calls that are targeting them, their family, and their constituents.

Fed up the bugging concern over robocalling and other VoIP scams, lawmakers have launched a bipartisan broadside against robocalls. The new legislation introduced by Senator Hohn Thune, R-S.D., would ramp up penalties for violators, put more onus on major telecom and cell service provider to address the problem and do a better job of authenticating calls, and offer ways to block neighborhood “spoofers” and other modus operandi. Neighborhood spoofing happens when scammers are tricking a caller ID into believing that a call is coming from a local area code, inducing validity to the call.

“I think that I’m like everybody else that has cellphones and is constantly, constantly interrupted by these nuisance calls,” Sen. John Thune said in an interview.

Both the House and the Senate are working hard to hasten the passing of the different legislative efforts to stop the notoriety of robocalls in the United States. They recognize that there should be a more heightened crackdown on a problem that grew significantly higher in recent years.

According to Hiya, a Seattle-based software company, a total of 26.3 billion robocalls were received by Americans in 2018, a 46 percent increase from the only 18 billion in 2017. Furthermore, complaints regarding robocalls and call spamming is the most common complaint received by both the Federal Trade Commission (FTC) and the Federal Communications Commission (FCC). In 2018 alone, the FTC has received more than 3.7 million complaints relating to robocalls and other telecom scams while the FCC received 232,000 complaints on unwanted phone calls that include robocalls and telemarketing calls.

A few months ago, major telecom players in the United States joined forces to curb the robocall problem in the country. AT&T, together with Verizon and Comcast is set to launch a new technology that would allow users to screen and validate the phone calls that they receive. Reportedly, the companies will tap into an authentication technology called SHAKEN/STIR that will authenticate if the phone number on a user’s caller ID is the phone number that originated the call.

Nonetheless, technology has been very friendly to robocallers as there are systems now that allowed them to target thousands of consumers in an hour with minimal effort. Basically, as critics suggest, it will only render the Do Not Call Registry (DNC) somewhat moot. However, FTC said that the list “still works well for the same job it was intended to do,” but that it doesn’t deter “criminals or fraudsters.”

The TRACED Act, as submitted and authored by Sen. Thune, was unanimously approved by the Senate Commerce Committee last month and as it was back by a bipartisan group of lawmakers, there is a very hopeful chance that it would push the major telecom companies to authenticate calls better, so consumers know where those calls are coming from.

Meanwhile, another set of legislation is being deliberated in the House Energy and Commerce Committee led by Chairman Frank Pallone, D-N.J. The law that the lawmaker introduced would close the legal loopholes that robocallers exploit and at the same time prompt telecom companies to provide blocking services against call “spoofers” free of charge.

“I hear from my constituents in New Jersey all the time about how fed up they are with robocalls,” Pallone said. “It is incredibly annoying to repeatedly get unwanted calls from people you don’t know and don’t want to talk to.”

“[The robocall problem] “has gotten so bad that you can watch videos of people getting robocalls while they’re in the middle of making a video complaining about robocalls,” chimed in by Rep. Mike Doyle, D-Pa.

Nonetheless, the mere existence of robocalls isn’t what legislators are after for. Thune said that his focus is those scam artists who try to get people to send money to fraudulent causes.

“And at the same time, hopefully we’ll get rid of a lot of the annoying and nuisance type calls that everybody gets on their cellphone,” he continued, noting that complaints about those calls “became one of the most [frequent] calls into our office and things you would hear people talking about in conversation.”

Continue Reading

Today’s Latest

Our Voices

Silicon Valley Silicon Valley
Our Voice6 hours ago

How Tech Companies Affect Communities In Places They Call ‘Home’

Tech companies are today’s driving forces in the economic world, mostly because of the introduction of the Internet. It allows...

We reviewed RingCentral's VoIP offers We reviewed RingCentral's VoIP offers
Our Voice4 days ago

RingCentral VoIP Review

VoIP has had a significant shift from a technology exclusively used by the early adopters or hobbyist to a widely...

April Fools April Fools
Our Voice2 months ago

April Fools Jokes Aren’t Just “Jokes”

April Fools is undoubtedly a fun day, exceptionally if you have crafted the most elaborate prank on your friends and...

Facebook Facebook
Facebook2 months ago

Facebook Should Do Better At Processing Community Standard Violations, And They Should Do It Fast

A few months ago, I saw a photo of myself used by another Facebook account with a “R.I.P. (Rest in...

With reports of artists committing harassments, should you separate the art from the artist? With reports of artists committing harassments, should you separate the art from the artist?
Our Voice2 months ago

Supporting Problematic Artists And Their Arts, An Opinion

As the world becomes swarmed by reports of famous artists – musicians, comedians, actors, painters – being alleged or in...

How to regulate facial recognition without possible risks How to regulate facial recognition without possible risks
Our Voice2 months ago

Ethical Regulation Of ‘Facial Recognition’ Is A Shared Responsibility

There is an ongoing discussion both in online and offline spaces regarding the growth of facial recognition technology and its...

Solving Data Breachs, must focus on SMBs Solving Data Breachs, must focus on SMBs
Cybersecurity2 months ago

Data Breach Epidemic: Solving The Problem In SMBs Will Solve The Problem For All

In the last two weeks, we’ve witnessed a vast amount of data breaches and information leaks, and the issue has...

Here's why we agree to Jacinda Ardern, New Zealand Prime Minister words of not naming mass shooter suspects Here's why we agree to Jacinda Ardern, New Zealand Prime Minister words of not naming mass shooter suspects
Our Voice2 months ago

We Agree To PM Ardern Of Keeping Christchurch Murderer Nameless, And The Media Should Listen

In the wake of Christchurch mosques shooting in New Zealand that killed 50 people at two mosques, the shooter is...

Apple Anti-Snooping Paten Apple Anti-Snooping Paten
Apple2 months ago

Apple vs. Police Authorities; A Cold War Against iPhone’s Anti-Snooping Patent

To protect its customers from hackers and illegal surveillance, Apple is developing an anti-snooping technology that would impede police and...

Fighting misinformation over measles outbreak Fighting misinformation over measles outbreak
Our Voice2 months ago

An Epidemic: Measles Or Misinformation?

2018 was the year when people started asking the question: ‘should I get my child vaccinated?’ Most people answered yes,...

Join us as we delve into the future of the VoIP industry Join us as we delve into the future of the VoIP industry
Our Voice3 months ago

Take A Look At The Predicted Future Of The VoIP Industry

For the past 20 years, VoIP has become an integral part of the lives of millions of people around the...

Contact Center Solutions Contact Center Solutions
Business3 months ago

Choose The Right Call Center And The Best Contact Center Solutions of 2019

The Ins And Outs Of Business Communication Management For your business to exist in today’s world, you must know how...

Instagram poses as a threat to some of the world's most famous location Instagram poses as a threat to some of the world's most famous location
Our Voice3 months ago

How Instagram Corrupts Famous Locations In The World

Is Instagram corrupting the beauty of breathtakingly beautiful locations and sucking all the joy out of traveling? With the era...

How one can earn crypto How one can earn crypto
Our Voice4 months ago

Ways To Earn Cryptocurrency

Cryptocurrency is one of the growing medium for exchange in most countries as it offers a more convenient and safer...

Ending Payday Loans Ending Payday Loans
Our Voice4 months ago

Can We End Payday Loans?

We can’t neglect the fact that debt is one of the pressing problems in the country, especially in today’s economy....

How will 5G change our lives -- Our Voice How will 5G change our lives -- Our Voice
Our Voice4 months ago

Jumping From 4G To 5G: Here’s What 5G Can Do For You

One of the most awaited advancements in technology is the cellular industry. With its monthly updates on software, model and...

VoIP vs Traditional Telephones: Cost Factors to consider VoIP vs Traditional Telephones: Cost Factors to consider
Our Voice4 months ago

What are the cost factors of VoIP?

In the next few years, we might be saying goodbye to traditional telephone systems in exchange for Voice over Internet...

Manufacturing Firms Investment on Technology Manufacturing Firms Investment on Technology
Our Voice5 months ago

Manufacturing Firms are Investing More on Technology

Based on the recent research on how manufacturing companies are coming up in the market industry, they have been increasing...

How to properly take Technology Innovation in companies How to properly take Technology Innovation in companies
Our Voice5 months ago

Technology innovation in companies—for the better or the worse?

Technology has significantly impacted both homes and workplaces in the last years. As much as we want to keep our...

Trending