Top 10 Security Threats In Using VoIP Phones

Top 10 Security Threats In Using VoIP Phones

The exhibit hall at VoiceCon Fall 2005.
The exhibit hall at VoiceCon Fall 2005. (Photo credit: Alex Dunne)

VoIP phones are becoming common nowadays. They have helped a lot of businesses in achieving their goals in terms of productivity and profit. However, there are some things that we need to consider when talking about VoIP phones. For one, there are certain threats to security in using such devices. Here are the top 10 security threats in using VoIP phones.

Service Theft

This type of threat happens when hackers steal services from an online service provider, or perhaps use the services and charge the cost to another user. In SIP, encryption is not that common. Thus there is no authentication control over VoIP calls, and the credentials of the user become susceptible to theft.


Vishing, or VoIP Phishing, is considered as one of the most common security threats. This often includes the activities of cybercriminals. These culprits often pose as email providers or banking institutions. These types of scams are usually placed through text, SMS or audio. To avoid these phishing attempts, it is vital to contact the bank directly on the numbers listed on bank statements, rather than the ones listed in the scam.

VoIP Eavesdropping

This is the type of threat usually used by many hackers in order to steal other user’s information and credentials. During the process, a third party person may acquire names, phone numbers, and passwords, which eventually allows them to obtain control over matters such as calling plan, voicemail and other phone services of the user.

DoS (Denial of Service)

This threat refers to a network attack resulting in denial of connectivity or service. This threat may be done by using all of its bandwidth, or perhaps overloading the entire network with the internal resources of the device. In VoIP phones, a target may be flooded with unwanted SIP call signalling messages. As a result, calls are dropped prematurely, or cut off without warning.

Malware and Viruses


How VoIP Phones Works?



This threat usually happens to VoIP services that use softphones as well as other software that may be susceptible to worms, malware, or other viruses, pretty similar to that of an Internet application. Since the applications usually run on PDAs and PCs, they become vulnerable and exposed to code attacks that usually happens in voice applications.

Main-in-the-middle Attacks

VoIP phones are especially vulnerable to this type of threat. In this scenario, the attacker usually intercepts the call-signaling SIP message traffic, and then pretends to be the calling party into the called party, and vice versa. When this happens, the attacker gains the capability to hijack calls using a redirection server.

Call Hijacking

This type of threat is considered a sophisticated way of invading security. Cybercriminals use this threat by taking advantage of free Wi-Fi spots. When a certain user makes a call in the vicinity of the Wi-Fi area, the hacker will then hijack and enter the call, thus obtaining sensitive user information. The safest way to deal with this is by making sure that personal and very important information is not revealed in public.

Call Tampering

Though this type of security threat may not be considered dangerous, it is still inconvenient. The attacker will influence the quality of the call and ruin it by injecting a very annoying sound directly to the stream of data. These attacks do not give any advantage to the attacker, but it is does cause nuisance and annoyance.

SPIT (Spamming over Internet Telephony)

Spamming is very common in emails. However, VoIP spamming is not yet that prevalent. With this type of security threat, spammers send their messages to thousands of different IP addresses. As a result, voice mailing will deteriorate and suffer. With this type of spamming, the voicemail capability will be clogged. This is becoming more common nowadays with the emergence of VoIP phones.

Service Integrity

This threat generally happens when the entire service capabilities of your VoIP phones begin to be sacrificed. As a result, caller ID, call forwarding, voice mail, as well as three way calling may be used for toll fraud, identity spam and theft by these hackers. Also, though it is not yet that common, attacks on the PSTN using the VoIP network may cause a serious harm to the integrity of services provided.

About the Author

Michelle Patterson is an ex-police officer and works for a local security company in Grenada. She works with a number of institutions advising them on the need for security and how to handle risks of all kinds. She is particularly worried about modern communication methods that could have potentially unknown risks.  You can reach her via email at Email for Michelle Patterson.



%d bloggers like this:
search previous next tag category expand menu location phone mail time cart zoom edit close