Yes, it is true! VoIP services can be stolen. Who stole my VoIP?
What Does This Mean?
At its most basic level, it involves the theft of your practice’s VoIP account credentials, including usernames and passwords, either by eavesdropping or by introducing malware into your system. Once cybercriminals gain access to your account, they can freely make phone calls or change your call plans, running up your VoIP bill. In addition, cybercriminals may use the stolen data to carry out other fraudulent activities and cause you serious HIPAA violations. They can also use theft of service to flood your VoIP network with promotional calls similar to junk email via an attack called spam over internet telephony, or SPIT. Once they infiltrate your communications network, they might broadcast unsolicited messages or advertisements over your VoIP system. This keeps users from making or receiving calls, which can have a significant impact on your practice’ss operations. Think about what could happen if patients do not get through to you on the phone.
How to Protect Yourself
- Make sure your passwords as secure as possible. Require that passwords must be 8–12 characters long, consisting of a combination of upper- and lowercase letters, numbers, and symbols. For added security, use passphrases, which are sentence-like strings of words. They’re usually longer than passwords, easier to remember, and more difficult to crack.
- Regularly install firmware patches for your VoIP phones and infrastructure regularly, and keep your antivirus software up to date.
- Best practice would be to use fraudulent call routing detection and encryption software.
- If you need too, set up an enterprise-grade virtual private network (VPN) for any employees that work from home. A VPN encrypts incoming and outgoing traffic without compromising call quality.
- Review your Practice’s call logs for any unusual trends or behavior, such as higher-than-usual call volumes or calls made during off-hours.
As always, call Tier3MD if you have any questions!