paint-brush
5 Ways to Detect and Combat SIP Trunking Fraudby@dragilev
1,608 reads
1,608 reads

5 Ways to Detect and Combat SIP Trunking Fraud

by Dmitry DragilevNovember 3rd, 2021
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

In this type of cyber fraud, hackers target a business’ phone system, commandeer numbers and drive up bills for both businesses and their clients. In this article, we'll discuss exactly how this works - and what you can do to recognize and prevent it. SIP trunking fraudsters often automate their attacks. They deploy bots to pinpoint vulnerable networks on the internet, scanning thousands of phone systems without having to lift a single finger. Weak passwords play a huge part in that. To prevent this, make sure that you maintain high password security.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - 5 Ways to Detect and Combat SIP Trunking Fraud
Dmitry Dragilev HackerNoon profile picture

In 2021, cybercrime is omnipresent. And most of us are well aware of its dangers. 

To put things in perspective: If street crime statistics matched those of cybercrime, it would resemble the Wild West.

Highly publicized breaches such as the Colonial Pipeline hack, which caused fuel shortages along the entire East coast, cast a spotlight on the prevalence of cyberattacks. And on how they can affect every one of us personally. 

In fact, a new study recently found that the majority of Americans (87%) now see cybercrime as a bigger threat to their future than both climate change or COVID-19. 

However, there are still a few areas of cybercrime that fly below many individuals’ and businesses’ radars.

SIP trunking fraud is one of them.  

In this type of cyber fraud, hackers target a business’ phone system, commandeer numbers, and drive up bills for both businesses and their clients. 

In this article, we'll discuss exactly how this works - and what you can do to recognize and prevent it. 

What is SIP trunking?

Most modern business phone systems function via VoIP - Voice over Internet Protocol. That allows them to work exclusively via the cloud. 

SIP stands for Session Initiation Protocol. A SIP trunk provides a connection between a virtual business phone system and the telephone network. 

This way, businesses using cloud-based phone systems can call customers on their regular phones. 

How does SIP trunking fraud work? 

There are several kinds of SIP trunking fraud. Their origins, though, are the same. 

To start with, a hacker pinpoints publicly-facing phone systems by deploying an IP scanner on the internet. Then, they exploit weak passwords or use brute-force attacks to gain access to the SIP trunks of those systems. 

Once they have access, they can fake caller IDs and use them to extract valuable information, a practice called caller ID spoofing.  

Or they can reroute calls to and from a business to expensive international destinations - and take a cut of the profits. These profits often range in the tens of thousands of dollars. 

But how can you prevent this from happening? Here are five ways to detect and combat SIP trunking fraud. 

1. Set Up a Call Barring Plan 

To start with, you can set up a call barring plan. This will prevent certain types of calls - or calls to certain destinations. 

For instance, you can block outgoing international calls, or calls to premium rate numbers. Or, you can completely bar calls during times when you don’t use your phone - outside business hours, for example. 

Similarly, you can block suspicious incoming phone numbers. 

2. Create Spending Alerts 

Next, set up alerts for spending thresholds. Often, businesses who’ve fallen victim to SIP trunking fraud don’t notice until they receive their next phone bill. By that time, fraudsters have often done several thousand dollars worth of damage. 

To avoid this scenario, define spending thresholds with your phone system provider. When you hit these thresholds, an automatic alert will be generated to give you a heads-up on the increased spending. 

This will help you identify many types of SIP trunking fraud before hackers can cause serious financial and reputational damage. 

3. Maintain High Password Security 

SIP trunking fraudsters often automate their attacks. They deploy bots to pinpoint vulnerable networks on the internet, scanning thousands of phone systems without having to lift a single finger. 

Once they’ve pinpointed their target phone systems, they often find it all too easy to gain access. Weak passwords play a huge part in that. 

When setting up their phone system’s admin credentials, many business owners don’t opt for complex passwords. Many don’t even modify the default admin credentials that phone system providers set. That makes them easy targets. 

To prevent this, make sure that you maintain high password security. That means choosing complex passwords containing upper and lower-case letters, numbers, and special characters. 

Where possible, activate two-factor authentication. This will prevent anyone from accessing - and making modifications to - your phone system without also having access to one of your physical devices. 

4. Review Your Logs 

Even if you have set up call barring plans and spending thresholds, some types of SIP trunking fraud can go unnoticed. For instance, if hackers have commandeered caller IDs to extract information from customers or businesses, this often won’t trigger warnings. 

That’s why you should regularly check your call logs for suspicious activity. Make it part of your monthly admin routine to take a few minutes and scan your call traffic for anomalies. 

Depending on your provider, you may have to do this manually. 

However, many modern business phone systems come with automated call reporting and analytics. These features analyze interactions between businesses and customers and highlight any irregularities. 

For instance, if a customer service agents’ call behavior changes completely, they will flag this shift for review. Then, you can verify if it was actually the agent making the calls - or someone who’s gotten hold of their caller ID. 

5. Opt for High-Security Providers

Finally, to protect yourself from SIP trunking fraud, you should make security a priority when picking business phone service providers. 

Look into the security settings different providers offer. Verify that they have strong firewalls for management ports and SIP ports to keep your system secure. Check for analytics features that can flag unauthorized activity, and inbuilt call barring features.

Another way to verify if a particular provider is vulnerable to cyberattacks is to check reviews. Go on Trustpilot and similar sites and search for critical reviews. Then, see if any of the reviewers have fallen victim to SIP trunking frauds - and, if so, what their providers did to help them. 

Conclusion 

Business phone systems are an often-underestimated cyber vulnerability. SIP trunking fraudsters take advantage of this fact. 

To protect your business and your customers from having information stolen and bills artificially racked up, there are several things you can do. Implement call barring plans and spending alerts to detect obvious monetary fraud. Maintain high password security to prevent hackers’ gaining access in the first place. Review your call logs to detect more subtle threats. And, finally, make security a top priority when picking a provider. 

This way, you’ll be able to keep your phone system safe and prevent any financial and monetary damage from SIP trunking fraud.