What are the risks?
Posted: Sun Jan 19, 2025 3:50 am
Toll fraud is a financial risk to businesses using VoIP. While some of the top 5 telecoms frauds are targeted at operators, two are targeted at businesses: International revenue share fraud (IRSF) and Premium rate services.
– IRSF involves a fraudster denmark telegram working with a rogue network service provider. They make long calls at a high charge that are terminated by the provider. The business receives an excessive change and the profit is shared between the fraudster and the provider.
– Premium rate services generate revenue when staff call premium rate numbers. However, hackers can also divert traffic onto premium rates.
Eavesdropping – there are several opportunities for interception of a call, either on the line, or close to an endpoint when using company internal Wi-Fi or a Wi-Fi hotspot. These can result in financial risk, breaking of regulations such as GDPR, HIPAA, or SOX, or loss of reputation to the business. As an example, the payment card PCI standard requires that cardholder information is encrypted during transmission over the internet.
Denial of service is a risk to productivity and business reputation whether the service is a web page or a VoIP call.
How can technology help to secure my wholesale VoIP termination?
Encrypting VoIP is essential. Given the risks of intercepting close to an endpoint, the encryption must be applied end-to-end. Protocols such as SRTP and TLS are used to encrypt the call.
Secure real-time transport protocol (SRTP) is a cryptographic method of encrypting data, including replay attack protection and message authentication. SRTP uses the advanced encryption standard (AES). Both ends of the call must be enabled for SRTP. Depending on hardware, this will show a padlock icon.
Transport layer security (TLS) is used to encrypt call metadata such as the phone number, but also protects against eavesdropping and tampering.
– IRSF involves a fraudster denmark telegram working with a rogue network service provider. They make long calls at a high charge that are terminated by the provider. The business receives an excessive change and the profit is shared between the fraudster and the provider.
– Premium rate services generate revenue when staff call premium rate numbers. However, hackers can also divert traffic onto premium rates.
Eavesdropping – there are several opportunities for interception of a call, either on the line, or close to an endpoint when using company internal Wi-Fi or a Wi-Fi hotspot. These can result in financial risk, breaking of regulations such as GDPR, HIPAA, or SOX, or loss of reputation to the business. As an example, the payment card PCI standard requires that cardholder information is encrypted during transmission over the internet.
Denial of service is a risk to productivity and business reputation whether the service is a web page or a VoIP call.
How can technology help to secure my wholesale VoIP termination?
Encrypting VoIP is essential. Given the risks of intercepting close to an endpoint, the encryption must be applied end-to-end. Protocols such as SRTP and TLS are used to encrypt the call.
Secure real-time transport protocol (SRTP) is a cryptographic method of encrypting data, including replay attack protection and message authentication. SRTP uses the advanced encryption standard (AES). Both ends of the call must be enabled for SRTP. Depending on hardware, this will show a padlock icon.
Transport layer security (TLS) is used to encrypt call metadata such as the phone number, but also protects against eavesdropping and tampering.