Telephone calls cost money. They cost us money to route the calls and we charge you money. There are people who try to defraud you, or us, in to making calls and running up a bill. It is important that you take security seriously to avoid an unexpected bill.
There are two main types of fraud. One is where calls are made for people that actually want to make phone calls. Some company or shop or some such may route lots of calls for people wanting to call home (expensive overseas numbers) and charge them. They may use compromised accounts to route these calls without paying for them. The other type is where a number provides some sort of kick back (like premium rate numbers), but these are typically expensive international numbers - where lots of calls are made for as long as possible to get revenue from the calls. There are, no doubt, other reasons for call fraud.
The key risks here are that (a) your VoIP equipment is compromised and someone uses it remotely to make calls via us, or (b) your VoIP login details are compromised, and someone uses us directly but with your credentials to make calls.
It is important to realise that, as per our terms, in most cases, if there is some sort of fraud then you have to pay for the calls that have been made, so please do take security seriously and use the options we provide to reduce risks.
There are a number of steps you can take, and that we take, to reduce these risks. Please consider which are appropriate to your usage. Because people have a wide range of applications for VoIP, it is not practical for us to guess what settings you want, though we do try to set some sensible defaults.
We are always working on new security measures, but we can never guarantee to detect fraud and stop calls as there may be no way to tell them apart from perfectly normal calls you are making. It is important that you play your part in ensuring your system is secure and your login details are not disclosed.
Please do keep an eye on our status pages and control pages for more security measures as we add them.
We want to be fair with our customers, but we also do not wish to be out of pocket if we have not done anything wrong. We explain the checks and security measures we can offer, and if they are not sufficient for your needs you should not take service from us.
If we have made an error and failed to provide the security we claim to (e.g. if the IP lock down allowed calls from outside the IP you specified, or somehow we disclosed your VoIP login details to someone else) then we would not charge you for the fraudulent calls that result.
However, we do expect you to keep the login details secure, and so if your login details are correctly used we expect you to pay for the calls. We'll consider any evidence you have to suggest we somehow disclosed your details or were otherwise negligent, but if not, then we have to assume the details came from you, or your equipment, and that you have to pay for the calls.
Where there is a clear case of some sort of fraud and a large bill we will also (a) reduce the cost of calls to our cost price, though this is often a very small reduction, (b) try to see if our carriers will reduce the cost if they can and pass that reduction on to you, and (c) try to come to an arrangement for payment by installments if you cannot pay in one go. We have no intention of making money out of fraud, but we don't wish to make a loss if we have not failed in some way.
So please, take security seriously.