Fighting #VoIP #fraud Part 2: false #Ukash transactions with incorrect #SIP prepaid amounts! – do not deliver your services!

Dear customers,

!! WARNING !!

Take a look at the false Ukash transaction below. We receive MANY of these incorrect transactions from a person named ‘Gera Borok’ (registered on our system from Germany) using email address: gbodok1 . Most possibly both name + email address are false. A Google search leads back to some Russian sites.

What they do is this (mail from the Ukash Fraud Prevention Team):

#### Beginning of mail from Ukash ####

Thanks for your email

These type of transactions are indicative of the way criminals try and break the audit trail and are usually associated with money laundering. The criminals would try and redeem transactions for small amounts with a merchant ( usually less than €1) in an attempt to get a change voucher. They believe this action would hide the audit trail so that the new change vouchers is not connected to the original fraud. The minimum spend of € 12.50 which you have in place should protect you from these types of transactions.

Under no circumstances should you accept these redemptions. The accounts into which the small transactions amounts were going to be loaded should be classified as suspicious and should be investigated as well. It is possible that these account holders are connected to a to money laundering scheme. If you have any information on the these account holder, it would be very useful if you can pass this information to our investigators. Information such as verified name and address will be very helpful in preventing this from re-occurring

#### End of mail from Ukash ####

Now here is such a ‘false transaction’: (we do NOT sell SIP amounts of 10 or 50 cents at all!)

è So be careful and always check the Ukash transaction thoroughly before you top up or deliver goods / services to your customers!

If you have more information that you which to share with us, feel free to comment.

Thank you!

Team XeloQ IQ-Telephony

Troubleshooting Tip: what do to when your #Asterisk or #3CX PBX #SIP Trunk does not register at the XeloQ SIP servers?

TROUBLESHOOTING TIP:

It is always nice to help out a customer quickly on the phone.

There was a problem on a 3CX PBX. It did not register at our servers. The account itself was fine.

We tested it quickly with eyeBeam overhere and on a separate PC at the customer in Malta.
That all worked fine, registered and we could make phone calls.

This directly tells us that the Interconnect to the XeloQ SIP servers is fine as well as the customers’ LAN, DSL / Internet connection and firewall.

So within 10 minutes we determined the issue was in the PC running 3CX. Possibly a reboot solves all.

So remember when there is a problem with your IP PBX, just quickly use the Trunk account in a Softphone to see if the account and the Internet connection to the XeloQ servers are fine.
Then go from there to isolate the problem.

XeloQ fully supports SIP Trunks using the following IP PBX brands:

If you’re still stuck, just give us a call on +31-23-8901271 or send an email to support@XeloQ.com.

Have a nice day!

Team XeloQ IQ-Telephony

Our #VoIP blog 2012 in review – thanks all readers and have a great 2013!

The WordPress.com stats helper monkeys prepared a 2012 annual report for this blog.

Here’s an excerpt:

600 people reached the top of Mt. Everest in 2012. This blog got about 4,500 views in 2012. If every person who reached the top of Mt. Everest viewed this blog, it would have taken 8 years to get that many views.

Click here to see the complete report.

How to download & configure the XeloPhone #VoIP Softphone on your iPhone / iPad / iPod. Read our blog now ( #iOS #Apple)

Installation and configuration of the XeloPhone for iPhone / iPad / iPod on XeloQ’s VoIP system

Our own iOS based XeloPhone is here!

Here’s how to install and configure this great, free VoIP Soft Phone. Savings up to 90% are possible using your SmartPhone and bypass your regular Mobile subscription plan.

If you want to control Advanced Settings, also follow the steps from Step 5 and onwards.
But, to make the XeloPhone work with your XeloQ VoIP account, Steps 1 – 4 are enough.


Just follow the steps below and you are ready to go.

Step 1: get an account at our system – click HERE and pay for it (click HERE)
You can also automatically pay with PayPal from your account at the Payments screen.

Step 2: get the XeloPhone from the App Store and install it: click HERE

Step 3: configure just 2 basic settings (username + password) using the screen prints below (at Step 4 it will register).

First, at your iPhone or iPad go to Settings and choose XeloPhone; you will see the next screens:

Click on Account. After that you will see this:

Fill out your account + password (see the registration email).
These are the basic settings that are enough to make the XeloPhone work.

Step 4:
Leave settingsand restart the XeloPhone. It will now show Registered.

These settings are enough to make it work but the geeks amongst us wish to tune the XeloPhone to make it work on Low Bandwidth networks as well.

Making phone calls:

If there is credit on your account, you can make phone calls using the International format e.g. 003123890127 or 0031612345678
Just enter the phone number and press the green telephone button. You call will be setup now.

More information; check our support pages.

Step 5 – ADVANCED SETTINGS

You can control the way the XeloPhone works on 3G or WiFi networks (or both). Set it like this:

Step 6 – Codec Settings
For low bandwidth networks, use g729 or iLBc codecs; see the next picture.


Step 7 – Video Codec Settings
If you do NOT use video calling (only possible between 2 XeloPhones) just turn OFF all video-codecs. See the next picture.

That’s basically all. Enjoy our services and savings up to 90% are now possible using your SmartPhone and you will bypass your regular telco.

Kind regards,

XeloQ Support Team

Protect your #Asterisk or other IP #PBX from hacking and fraud. Read our extensive blog now. Let’s fight #VoIP fraud together!

How to protect your Asterisk or other IP PBX from hacking into it, abusing it and spending your credit?

Now XeloQ is growing rapidly, our support team get phone calls and emails regularly from customers on HOW to protect their IP PBX?

This is an important issue and besides normal ICT protection (to protect against Trojans, Spyware, viruses and hacking into mail /webservers) this should be a constant item for each ICT manager to be aware of. It all starts with awareness.

Besides our own security guidelines and blogs we collected some very good information to help you here. If you act on this in the described ways you and your IP PBX are pretty safe.

Ready? Let’s go.

1. Before you start out with VoIP at all, you would like to be informed if the company you do business with isn’t a fraud itself. Check all out here in our own blog:

http://xeloq.wordpress.com/2011/12/14/how-to-identify-a-voip-fraud-company-important-when-you-are-the-victim-of-voip-fraud-2/

2. Check our OWN safety guidelines . Read, understand and act on it.

3. Whether you run Asterisk, Trixbox, Elastix, 3CX, Avaya, Cisco, Lync, MyPBX or any other IP PBX, make sure all latest patches are installed. Check this at the supplier websites.

4. NEVER, we repeat NEVER use the default passwords on any system for Administrator access. Restrict REMOTE access to the systems from only 1 IP address

5. If you CAN, always install your IP PBX on a NAT LAN (local area network with NAT / private IP addresses) – this makes it hard to get into the IP PBX from the outside world
Read here to do this with Asterisk: http://forums.asterisk.org/viewtopic.php?t=74786 (also LOTS of other good tips)

Summary from that page:

‘Put the Asterisk box behind a NAT router, the system will not be contactable from the outside, but can initiate and maintain registered connections with SIP providers on the outside. That is the simplest way to make your asterisk box secure "enough" whilst still being able to make and recieve calls over the net. It wont work with external handsets, you may need to look at a low latency / SIP/RTP friendly VPN such as Open VPN to give you that functionality’.

6. Don’t use the same username and password on your extensions. Also make sure the internal extensions have difficult to ‘guess’ passwords.

7. Keep the inbound call routing in a different context to your outbound routing. That way, anyone who gets in, can’t get back out again. Common problem and biggest cause / source of toll fraud.

8. Restrict the IP addresses your extensions can register on to the local subnet using permit/deny in your sip.conf

9. Disable channels that you aren’t using (such as skinny and MGCP) and comment out ay default settings in the conf files

10. Set “alwaysauthreject=yes” in your sip configuration file. What this does is prevent Asterisk from telling a sip scanner which are valid extension numbers.

11. If you do not have ‘external’ extensions, you can DISABLE access on port 5060 / 6060 for INCOMING traffic.

12. Use restrictive dial plans (disallow calling to 0900 + Premium numbers) and non-numeric logins for your extensions.

13. If you wonder what happened and / if hackers got in or not, read all in the Asterisk LOG file: /var/log/asterisk/messages

14. Read the comments from Chris on http://forums.asterisk.org/viewtopic.php?t=74786 (somewhere in the middle); many of the above info came from him (thanks Chris) and he describes all the .conf files to adjust to make it very secure.

15. Install a SIP port firewall. This will not allow "fast scanning" of port 5060 and will blacklist the endpoint for 1 hour if something like this is happening.
More info: http://www.voip-info.org/wiki/view/Asterisk+firewall+rules

Now…..you do NOT want to see this anymore do you? Read on!!

TESTING – TESTING 1 -2 – NOW YOU’RE GONNA TEST !

Now all that has been done you want (and need) to test if all is secure. If you think there is no tool available to test and hack into any Asterisk based server, think again. It exists. Dozens of these tools are around but one good one is SIPVICIOUS. It is a SIP SCANNER and checks HOW TO BREAK into your Asterisk box.
If you followed all steps above….and in the article below nobody would ever be able to get in anymore

It doesn’t matter we tell it here because every hacker already knows this tool. So now we are going to USE THAT TOOL to see if you are secure. And that is what we want to know isn’t it?

Check it all on http://sysadminman.net/blog/2009/hacking-and-securing-your-asterisk-server-592 à installation steps and some more things to take care of are all included on that page.

When all is fine, it would be nice to get the following sticker on your Asterisk server wouldn’t it?

Good luck! And if you have any feedback, just post it here. We and all our worldwide IP PBX users would appreciate!

Take care,

XeloQ IQ-Telephony Support Team

Installation and configuration of LinPhone for iPhone on XeloQ (#VoIP #SIP #LinPhone #iOS)

Installation and configuration of LinPhone for iPhone on XeloQ

Our own iOS based XeloPhone is almost out of Review status (might be done as we speak so always browse the App Store and look for XeloQ or XeloPhone).
But if you want to call using our SIP system already on your iPhone, we suggest using LinPhone. A great free VoIP Soft Phone.

Just follow the steps below and you are ready to go.

Step 1: get an account at our system – click HERE and pay for it (click HERE)

Step 2: get LinPhone from the App Store and install it: click HERE

Step 3: configure LinPhone using the screen prints below (at Step 4 it will register).

Step 4: Then it should REGISTER at our system.

Step 5: Make a test call to number 900


Step 6:
If there is credit on your account, you can make phone calls using the International format e.g. 003123890127 or 0031612345678

More information; check our support pages.

Any questions: email to support

Good luck.
Support Team XeloQ IQ-Telephony

How to setup IP Authorization from a #3CX IP #PBX to XeloQ #VoIP provider? (instead of a normal #SIP #Trunk)

Dear 3CX owner,

Here the steps to setup an IP authorization from your 3CX IP PBX when you requested XeloQ Support to accept your VoIP traffic from only 1 IP address.
(you will have to request IP Authorization at our support department first!)

Normally, when you use the SIP Trunk setup, you add a VoIP provider with the Add VoIP Provider Wizard. Forget this step when you need IP Authorized access to our SIP servers.

–> For IP Authorized traffic, you will need to Add a PSTN Gateway so please follow the next steps.

Step 1. Click Add PSTN Gateway

Fill all out like below and click Next.

 

Step 2. Specify Gateway details

Fill all out like below and click Next.

 

Step 3. Create Ports

At the next screen, just press Next. This is all fine (it is not used anyway).

 

Step 4: Create an Outbound Rule

Fill all out like below and click Finish.

 

–>> After that you will see this:

Step 5: Edit Advanced PSTN Gateway settings

In the Advanced settings TAB of the PSTN Gateway; please set Registration Settings to ‘Do not require’
See below.

Step 6: Move Outbound rule UP to the top position

Make sure the calls will go with the 00 prefix to THIS PSTN Gateway and NOT to your default VoIP Provider.
So move the Outbound rule for this Gateway all the way UP. See below.

Step 7: Set CLI – Caller Line Identification (optional; if you want a number to show on your outbound calls)

This is a little different. You do NOT set this at TRUNK level but you set this PER EXTENSION and you use the FIRST & LAST Name for that.
See the example below.

ONLY use First Name; fill out the entire number at FIRST NAME field. Leave LAST Name empty.

Step 8: Start Dialing

When you dial out with 0031xxxxx or 0044xxx all is fine. The calls will be send out through the PSTN Gateway which NOW basically is your IP Authorized ‘VoIP Provider SIP Trunk’ .

Now you are done.

Enjoy the XeloQ IQ-Telephony services with your IP Authorized 3CX IP PBX!
Support Team XeloQ Communications

How to identify a VoIP fraud company? (important when you are the victim of #VoIP fraud)

 

How to identify a VoIP fraud company?

As you know XeloQ IQ-Telephony can be considered to be a solid and honest VoIP Telecom provider, but -unfortunately- there are many, many so called FRAUD companies.

We can roughly distinguish them in 2 categories:

1: The fraudulent VoIP providers (Internet Telephony Service Providers offering you the Telephony services) running away with your money or just disappear.

2: Fraudulent customers (hackers) coming TO companies like XeloQ (or other VoIP providers) using stolen credit cards and hacked SIP accounts.
As a VoIP Provider you should always verify the customers’ identity and authorize payment methods before you accept.
Besides that you should inform your customers to secure their IP PBX systems, SIP account information and email systems.

Check that at: http://xeloq.com/en/business/support/drvoip#/en/business/support/protect-your-ip-pbx-safetyguidelines


>> Now for the first option; HOW to recognize a fraudulent VoIP provider? <<

VoIP traffic provider might be fraud if they can route the traffic on postpaid basis and accept large amounts of traffic from you. In most cases they ask for a downpayment of $10000 before you can send traffic (to setup the interconnect they claim) and run away with that money. Once the partners are deceived, owners of such corporations are inaccessible. But you can defend yourself before they steal. Go on reading this and find out how you can do that.

If you do not have a way to work on prepaid basis then you should thoroughly check your future partner for fake activity.


Below you will see a short check-list and gives you the idea of how to discover a fraud VoIP Provider.

1. Search for the organization name in Google
Try to look for the company name in search engines, add the name of the head, who you are going toestablish relations with. Let your imagination bloom and search for other related things like e-mail address, IM number, the address of the company. Try to skim what the search engine has found for you to make sure, that the information you’re searching for is not referred to somewhere. If it is never mentioned and you found nothing at all, it is a bad sign.

2. Consider Checking VoIP Fraud Lists
By scanning VoIP forums, deceitful companies list, VoIP public black-lists you can get new information about the company or its head, who recently wrote to you and offered to co-operate.

Two well known VoIP Fraud websites can be found here (both fraudulent VoIP providers and cheating customers are listed there):

http://voippolice.com and http://www.voipfraud.net


3. You Can Send Your Tech Form

Send the form to a partner and ask to fill in. Use the IP-address of the softswitch to identify who is a co-location supplier. Then there are two possible ways: you either have to call to a terminator and gently ask for references for their clients, who they are, if they are trusted, if they prefer to have a long-term agreement etc, or learn if your client has his own Autonomous System. In case he has none then he is less trustworthy. Otherwise he can be trusted because having own AS means, that company has serious business in the Internet.

4. Find out if Your Future Client Has a Website
Examine the website of the company. The website should contain more than one page. The more services talked of on the website and truly provided by the company, the more reliable your potential client, because they have different profit sources and will not deceive to damage their brand.

5. Your Partners Should Have an e-mail at Their Own Domain
Be suspicious to those people, who write from yahoo or gmail e-mail address. Often it might mean, that a corporation even had no wish to arrange its own mail service. So, they might not take their Internet business seriously and not have plans to have a long-term collaboration.

6. The Aim for Bilateral Business
The wish to establish bilateral relations is a good sign of a well-established organization. Everyone needs to sell in order to get income. So, during the first conversation with your potential client ask if they have good routes, how much traffic they have available, if they would like to sell something as well.

7. Is There an Intention To Sign NDA
Ask for references. Sometimes corporations have NDA between each other, so, they can’t reveal references, but NDA itself is also a good sign. Bear in mind that references should be provided by well-known long term players, not by those found in offshore countries.

8. A Telecom License in the Country of Residence.
Being a telecom operator in their country is a good sign meaning that your partner is a a reliable one.

9. Check the Membership in Organizations, Exchanges, Conferences
Ask you partner about symposiums where you can meet in person and talk about upcoming partnership. A company, which actively participates in such events as GTM, Capacity, CNX by Ancotel can be thought of as a trustworthy business-partner.

10. Have You Been Asked for Premium Traffic With CLI and Faxes?
Clients with well organized activity not only with the wholesale quality traffic. Consider the fact that they also would prefer premium termination with CLI and faxes pass through.

11. Check Physical Office
One of the signs of a serious business partner is having a physical office with real equipment, employees and office furniture.

(parts taken from: http://boltbulletin.com/industry-news/are-there-any-trusted-information-on-how-to-identify-a-voip-fraud-company )

—-

Any comment or tips? Let us know!
Thank you!

.

Using #VoIP on a #Smartphone on 3G could be problematic. Always run this great #speedtest before calling with your #Phone app.

What is your actual Internet Connection speed on your Smart Phone right now? We got the answer. Read on.

There you are. You and you brand new iPhone or Android smartphone. You like it. It is nice. But calling outside your bundle is expensive as is International calling.

So you found XeloQ IQ-Telephony and installed one of the free softphone apps like LinPhone or CSipSimple…..you start calling your uncle in South America .He is been travelling there and like to receive a call every now and then on his mobile. While you’re in your car and he picks up your call his voice is broken up and you can not hear him very clear.

What you would like now before you make the call is a speed test to test your internet connection speed. Well, here it is. Both for iOS and Android.

Speedtest.net Mobile is a native version of the most popular broadband testing tool on the Internet. Use it to measure the network speed of your SmartPhone device.


OK, get started!
Open your App Store (on iPhone) or Market (Android) and search for Ookla Speedtest. Download it. Install it. Launch it.

If you can not find it in the iPhone App Store: click here
If you can not find it in the Android Market: click here

After launching it, you will see similar screens like below:

Just press BEGIN TEST and let it run. Repeat the test several times and then you know if there’s enough bandwidth to use it for VoIP calling.

For the tech geeks:
Our prefered codec on 3G / UMTS is iLBC and that uses like 15 kbits/sec. Select this codec while calling on 3G. When you haven’t got the minimum bandwidth….you can not make a clear VoIP call. Simple as that. On WiFi networks you will probably never have any issue with calling. That just works fine.

Ok; now you know. Pass it on.

Kind regards & hope to talk to you soon!
XeloQ Support Team

..