Introduction
If you suspect your VoIP account has been compromised, or you notice suspicious activity like unexpected phone deregistration, unknown calls in your history, or trouble logging in, it's crucial to take immediate action.
VoIP services rely on internet connectivity, making them potential targets for cyberattacks. Security issues can not only disrupt your service but also jeopardize sensitive business data.
This guide provides clear, step-by-step actions to secure your account and network when you suspect a security breach.
✅Quick Checklist: Signs of a Compromised Account
If you notice any of the following, your account may be compromised:
Unexpected phone deregistration (phones showing "Not Registered" when they shouldn't)
Unknown calls in your call history (outbound calls you didn't make)
Inability to log in to your portal with correct credentials
Unusual account activity or billing changes you didn't authorize
Calls dropping or one-way audio that started suddenly without network changes
🛠️ Step-by-Step Security Response Guide
Immediate Actions (If You Suspect a Breach)
If you believe your account has been compromised, take these steps immediately:
🔑 Reset All Passwords
Hackers actively seek out VoIP credentials to make costly calls or eavesdrop on conversations.
Critical: If you suspect a breach, reset your passwords immediately before taking any other steps.
To reset your passwords:
Log in to your account portal (if still accessible)
Navigate to Account Settings or Security
Change your password to a strong, unique password
Update passwords for any associated email accounts
Create a strong password:
Use at least 12 characters
Include a mix of uppercase and lowercase letters
Add numbers and special characters (!, @, #, $, etc.)
Avoid common words, phrases, or personal information
Pro tip: Use a password manager like LastPass, 1Password, or Bitwarden to generate and securely store complex passwords.
📞 Check Call Forwarding Rules
Attackers often set up unauthorized call forwarding to intercept calls or make them appear elsewhere.
Log in to your portal and navigate to Call Settings or Call Forwarding
Verify that all forwarding numbers are correct and authorized
Remove any unfamiliar numbers immediately
🔍 Review Recent Calls
Check your call history for any unfamiliar numbers
Look for calls made at unusual times (middle of the night, weekends)
Note any suspicious patterns and report them to support
2. Strengthen Your Account Security
Once you've secured your account from immediate threats, take these steps to prevent future breaches.
🔐 Enable Two-Factor Authentication (2FA)
If your provider offers 2FA, enable it immediately. This adds a critical second layer of protection:
Something you know (your password)
Something you have (a code sent to your phone or authenticator app)
Check your account settings for options like:
SMS verification codes
Authenticator app (Google Authenticator, Microsoft Authenticator)
Email verification
📅 Establish Regular Password Updates
Make password rotation a routine practice:
Frequency | Recommended For |
|---|---|
Every 30-60 days | Administrator accounts |
Every 90 days | Standard user accounts |
Immediately | After any suspected breach |
🛡️ Use a Password Manager
Password managers help you:
Generate truly random, strong passwords
Store credentials securely with encryption
Avoid reusing passwords across services
Easily update passwords regularly
Popular options include:
LastPass
1Password
Bitwarden (free option available)
Keeper
3. Secure Your Network & Devices
VoIP security isn't just about your account—it also depends on your network infrastructure.
🔥 Enable and Configure Firewalls
Firewalls are your first line of defense against unauthorized access.
For home offices or small businesses:
Ensure your router's built-in firewall is enabled
Check for SPI (Stateful Packet Inspection) firewall features
Disable remote management unless absolutely necessary
For larger organizations:
Consider VoIP-specific firewalls or Session Border Controllers (SBCs)
These devices can:
Restrict unauthorized traffic types
Terminate sessions properly after calls end
Detect unusual activity patterns
Block potential attack vectors
📶 Secure Your Wi-Fi Network
🟢Do | 🔴Don't |
|---|---|
Use WPA3 encryption (or WPA2 if WPA3 unavailable) | Use WEP or open networks |
Change default SSID and passwords | Keep default router credentials |
Enable guest network for visitors | Allow guests on your main network |
Disable WPS (Wi-Fi Protected Setup) | Leave unnecessary features enabled |
🔄 Keep Firmware Updated
Outdated firmware can contain security vulnerabilities.
Check for router firmware updates monthly
Enable automatic updates if available
Verify your VoIP phones have the latest firmware
Contact your IT department or technician to confirm firmware versions and assist with updates
Note: Your support technician can help verify current firmware versions and ensure proper update procedures are followed to maintain device configuration and service continuity.
✅ Summary Checklist
Concern | Action |
|---|---|
Suspected account compromise | Reset passwords immediately; check call forwarding; review call history |
Weak passwords | Enable password manager; use strong, unique passwords |
Missing 2FA | Enable Two-Factor Authentication if available |
Network vulnerability | Enable firewall; secure Wi-Fi; update firmware |
Ongoing concerns | Contact support with details of suspicious activity |