Unauthorised use of my sipgate account
What to do in case of data misuse
Data theft and misuse are among the most common crimes in the digital world. Not only servers and computers, but also customer accounts can become targets of hacking attacks. If you suspect that unauthorized individuals have access to your sipgate account, you can follow a few simple steps to protect yourself from further data misuse.
Follow these steps if you notice unauthorized activity
- Change the login password to your email account.
- Change your sipgate user login password.
- Change your device’s SIP password.
- Under ‘Phones’ in your sipgate account, check that only your VoIP phone is registering online.
- Review your local network and online security to avoid a recurrence of this issue.
- Contact our support at: team@sipgate.co.uk confirming your account number, that you've taken the above steps along with the called numbers and the times of these calls.
Essential steps for reviewing your local home network security
- Change the device administrator password to access your router settings.
- Update your router's firmware to the most recent version and check your firewall settings.
- Change the administrator password to access the settings of your VoIP phones and devices.
- Ensure remote access or administration of your router, VoIP devices, IP PBX, and other local network devices is disabled.
- Do not place VoIP phones or devices in the DMZ.
- Update your VoIP phone or device to the most recent software or firmware version.
- Use up-to-date security software to scan your computers, tablets, and smartphones for viruses and other malware.
- Delete emails, local files, etc. that contain your sipgate access credentials.
- Do not allow browsers to automatically save your password or log you into online accounts.
- Change online passwords like your sipgate web login and SIP Password every 90 days at least.
VoIP system security
- Perform a firmware update for your VoIP phone.
- Set a new, secure password for the user interface of your phone.
- Enable encrypted connections (https) in the web interface of your phone.
- Renew the SIP password in your user account and enter it in your VoIP phone.
- Enable a firewall for your network.
If you have a Fritz!Box, follow these steps
- Perform a firmware update for your Fritz!Box.
- Disable remote maintenance.
- Set a new password for the web interface of your Fritz!Box.
- Change the passwords for all services you use with your Fritz!Box.
- Set a new password in your sipgate account and transfer it to the Fritz!Box.
If you are using an Asterisk-based system, follow these steps
- Update your system and set a new password.
- Assign new passwords to all extensions.
- Enable the Fail2Ban function. For more information (in English), refer to the Fail2Ban homepage.
- Renew the SIP passwords in your user account and enter them in your system.
- Review the settings in your firewall.
Common security breaches
The most common sipgate account security breach involves a hacked PBX, though this is rare. Ensure your IP PBX admin reviews and secures your system and network.
sipgate’s network serves hundreds of thousands of customers daily. Our in-house billing system includes strong anti-fraud measures, and our monitoring often detects suspicious activity. When an account is used by unauthorized parties, we typically notice before the customer, temporarily limiting telephony until we make contact. However, we can't guarantee this in every case.
The sipgate account holder is responsible for their account's usage as well as their own local network and online security.
How to change your SIP Password(s)
- Log into your account.
- Choose the correct user.
- Choose/click ‘Phones’ from the navigation sidebar.
- In the SIP DETAILS sub-menu, find the SIP password entry and click the “Key” symbol.
- In the pop-up menu, click on ‘Generate new password.’
- After clicking ‘Generate new password,’ you will see the pop-up button briefly flash green, and then you will be returned to the normal phones overview.
If you are logged in as an administrator, you’ll be able to change the SIP passwords of other users on your account by following the same instructions.
Note:After changing the SIP password for the user’s SIP details, you will need to update the SIP password in the settings of the user’s VoIP phones and devices
Tip: For creating a secure password, it is recommended to use uppercase and lowercase letters, numbers, and special characters. Additionally, the password should consist of at least 12 characters. For more information, you can refer to the manufacturer’s website or the page of the Federal Office for Information Security.