Your SIP address is a unique identifier, much like your email address or phone number. With VoIP, you don’t just take your phone with you, you take your number with you. This is because your SIP credentials identify you, and you can enter those credentials (your ID) into any SIP phone or compatible VoIP app. As convenient as this feature is, there is a potential downside: SIP Identity theft.
When someone steals your SIP credentials, they can immediately making calls and illegally charging it to your account. You might wonder how many calls one person can make. The stolen identity will be sold to a vender, and unscrupulous (or unknowing) parties will make international calls using your SIP credentials as a calling card. Within hours, you will have a huge bill, and an equally big headache.
Once an attacker finds your IP address, it’s usually pretty easy to log in as you and cause serious damage. The reason: most people don’t change their password. For most phones, the default password is as simple as “admin.” Not hard to figure out.
When choosing a password, the same rules apply as any other computer password. The longer and more varied the characters are, the better. If the attacker knows a little about you, then “mychild811998” isn’t going to do you any favors, though it does contain letters and numbers. One great method to pick a secure password is to have a phrase, and use the first letter. So you if you like “Somewhere Over The Rainbow, Bluebirds Fly” you could pick “swotrbbbf” Then tweak it to add characters and numbers, like “w0+rbbbf”. Another method is to use the letters on the keyboard one key off, so “Robert Pepper” becomes “tpnrty[r[[er”. Just don’t leave it written on your desk.
Session Initiated Protocol is a great tool for business. But, as with all things, you must be aware that bad things can happen, and in today’s fast-paced world, things can go from bad to worse very quickly. But if you take a few basic steps to protect yourself, you’ll save a lot of headache.