Unauthorised use of my sipgate account
Have you:
- Noticed calls from your account that you did not place?
- Noticed VoIP phones other than your own registering online within your account?
- Received a sipgate email warning of unusual calls from your account that you did not make?
If any of the above apply carry out the steps below immediately and in the following order:
- Change the login password to your email account.
- Change your sipgate user login password
- Change your device's SIP Password
- Under 'Phones' in your sipgate account check that only your VoIP phone is registering online.
- Review your local network and online security to avoid a recurrence of this issue.
- Contact our support at: team@sipgate.co.uk confirming your account number, that you've taken the above steps along with the called numbers and the times of these calls.
A review of your local home network security should at the minimum include these steps:
- Change the device administrator password to access your router settings;
- Update your router's firmware to the most recent version and check your firewall settings;
- Change the administrator password to access the settings of your VoIP phones and devices;
- Ensure remote access or administration of your router, VoIP devices, IP PBX and other local network devices is disabled;
- Do not place VoIP phones or devices in the DMZ;
- Update your VoIP phone or device to the most recent software or firmware version;
- Using up to date security software to scan your computers, tablets and smartphones for viruses and other malware;
- Delete emails, local files, etc. that contain your sipgate access credentials;
- Do not allow browsers, etc. to automatically save your password or log you in to online accounts;
- Be sure to change online passwords like your sipgate web login and SIP Password once every 90 days at the least.
Although a rare occurrence, the most common breach of telephony security related to sipgate accounts is a hacked PBX. Your IP PBX administrator or support should take the usual steps to review and secure your system and network.
sipgate's Next Generation Network serves hundreds of thousands of customers daily. As part of general network management and maintenance, our monitoring for abnormal operation may often bring undesirable or unauthorised account activity to our attention. Our billing systems are built and managed in-house, incorporating effective anti-fraud and billing security protocols and processes.
When a sipgate account is used by an unauthorised third party we usually become aware of this before the customer themselves. In this case the account's telephony will be limited until a sipgate staff member contacts the account holder. We cannot however guarantee this will always be the case.
The sipgate account holder is responsible for their account's usage as well as their own local network and online security.