The phone’s web interface allows you to configure and update many of your main phone features, including VoIP accounts, call history, network settings, SIP settings, connection settings, and other key features. You can also back up your phone through the web configuration interface, Which will reveal usernames and user passwords.
The web interface settings interface may be your business’s most vulnerable in your communications system. It is also the main target for hackers who want to manipulate your communication systems for fraudulent purposes.
Password protection for the phone web interface is not necessarily secure. Many VoIP phones come with predefined passwords that are never reset by their owners. This makes the hacker task easy. But even if the password is changed, the hacker can break through some programs to break passwords
Unfortunately, many setup interfaces for phones do not block access to them after a certain number of attempts for the wrong passwords. Which means that hackers can try 10 passwords per second and when they succeed in entering they can change settings on your phone and steal all data from the phone.
So all security and security experts recommend stopping the Internet settings interface for your phone phones completely. You can later if you need to change certain settings to re-activate them again, although you can change most settings from the same phone.
4. Close Port 80 through the firewall
In general, if you can not close your telephone and pager settings through web pages, you must close the port or port 80 which allows you to access the phone and telephone settings
Port 80 is the primary target and first and most vulnerable to hackers, which means that hackers can dig into port 80 on your router, and if hackers can access the web interface they can control 100% of your communications system
“The vast majority of VoIP cases are highly preventable,” says Mike O’Hith, CEO of Onsip. “The cases we see often involve an active Web interface or an open port 80. We recommend closing all channels to reduce the chance of phishing through protocol Internet”.
5. Disable international dialing
Many hackers and hackers want to use VoIP phones in phishing scams. Or costly international contacts. If you do not need to make international calls to your daily operations, it may make sense to disable international connectivity altogether.
If you need to make calls to another country, you can buy a calling card instead of activating international calls. If you need an international connection running, be sure to monitor your phone records and staff regularly.
Breakthrough communication systems cost $ 1000 per minute in the United States
You can also disable international dialing after your company’s business hours. It has been noted that hackers who wish to exploit your communications system are active after normal business hours and during weekends and long public holidays.
If it is difficult to determine international call hours, you can select certain countries for international call. You can periodically report the volume of international calls and receive them on your email or mobile to reduce and anticipate the success of one of the attempts to penetrate your communications system
Finally, if you suspect you’ve been hacked, the first thing you should do is disable the compromised devices immediately. (CDR) to see exactly how many unauthorized calls were made by your phone system. Reporting your service provider for accident reporting and securing your devices
Zontel is a pioneer in the field of Internet security and its products from the best devices that have a great protection and has the ability to encrypt all correspondence between all types of phones available from Zontel and is developing the latest firewall systems to provide the maximum protection possible for all users and agents