Compromised VoIP Accounts

This article will explain what to do if your Netphone (VoIP) service has been compromised.

A service is compromised when a third party obtains your VoIP phone number and VoIP password, and uses these details to make calls, typically calling expensive international destinations (phone fraud). In many cases, the calls are made using a machine, meaning there may be multiple calls made at the same time, or calls occur within seconds of each other.

Select one of the links below to jump to a query:

  1. The call history of your VoIP service is monitored, but there can be up to a 48 hour delay between calls made and calls being recorded on our systems.
     
  2. If our systems detect call activity that resembles a compromised account (e.g. multiple consecutive calls to a high risk international number) then your VoIP service will be suspended.
     
  3. If this occurs, an email and SMS advising of the suspension will be sent to the contact details listed on your account.
     
  4. A member of the iiNet Support Team will attempt to contact you within 48 hours to assist you in securing your account again, or you may call us on 13 22 58.

 

In short, you'll need to:

  • Run an antivirus and anti-malware scan on your computer and remove any infections found. If your computer is severely infected and you have difficulty using it, you may need the assistance of a computer technician to get it working again.
     
  • Make sure any Remote Management/Remote Connect functions in your modem settings are disabled.
     
  • Change your modem settings login password from the default or current password (ESPECIALLY if you use the Remote Management feature).
     
  • Change your modem's WiFi password. Please note that once your WiFi password has been changed, you'll need to reconnect to your WiFi using the new password. In some cases, your device may keep trying to use the old password, so you'll need to select an option to "Forget this network" if you see one in the settings. You should then be able to start fresh and connect with the new password.
     
  • Changing the password for your email addresses is also recommended as your VoIP account may have been compromised via compromised email accounts. If the email address is with iiNet, you can change the password in Toolbox or give us a call on 13 22 58.

IMPORTANT: This troubleshooting involves changing your modem settings. Guides have been supplied for modems sold by the iiNet Group below (head back to the top of the page to jump to the instructions for a specific modem). If you use a third-party modem, please check the modem’s user manual or visit the manufacturer's website for support information on how to access and change the modem settings.

 

  1. Run an antivirus and anti-malware scan on your computer and remove any infections found. If your computer is severely infected and you have difficulty using it, you may need the assistance of a computer technician to get it working again.
     
  2. It’s possible that your account was compromised by information obtained through your email account. You should change the password for any email addresses listed in the contact details of your iiNet account.
     
  3. Open your web browser and go to http://10.1.1.1.
     
  4. Log in with the default username admin and default password - on the TG-1, this is “admin”. On the TG-789, this is a unique password printed on the sticker on the base of the modem next to "Password".

    If you have changed your modem password from the default, log in with your custom password.
     

  5. If you find that you can’t log in due to an incorrect password, you may need to factory reset your modem to return the password to the default.
     
  6. On the dashboard, make sure the switch on the Assistance panel is set to OFF.
     

     
  7. On the dashboard, select the Wireless panel.
     

     
  8. You'll see the wireless settings. Under Access Point, make sure Security mode is set to WPA2 PSK and then enter a new, different Wireless Password. If you don't actively use WPS to connect devices to your WiFi network, set this switch to OFF and then click Save.
     

     
  9. Close the Wireless window to return to the dashboard.
     
  10. The next step is to change your modem's login password to something different from the default "admin". The only way to do this is in step 5 of the Setup Wizard.

    If you're not confident doing this alone as the first 4 steps of the Setup Wizard involve re-entering/confirming your broadband settings, skip to the next step and call us. Once we change the passwords for your service, a member of our Support Team can guide you through the Setup Wizard to make sure your broadband and VoIP is configured with the new passwords, and they can help you with the modem login password at the same time.

    Note: Please write down your new modem login details and keep them somewhere safe for future reference.
     

     

     

  11. Call us on 13 22 58 for assistance in changing the passwords for your service.
     
  12. Once these security measures have been taken, you may request that your VoIP service be unsuspended. As always, you are accepting the risk that failure to keep your home network secure may lead to further exploitation of your services and you are liable for any charges resulting from a security breach outside of the iiNet network.
     
  13. Remember - the integrity of your network is your responsibility. iiNet cannot ensure that your network and the devices attached to it are secured - we may only be able to secure iiNet provided hardware. Only request that your VoIP service is unsuspended once you know that the problem has been detected and resolved.
     
  14. Your VoIP unsuspension request may take up to 2 working days to process.

 

These instructions should work for both the Huawei HG532d and HG658 as they both have near-identical settings menus. Example screenshots have been taken using a Huawei HG532d.

  1. Run an antivirus and anti-malware scan on your computer and remove any infections found. If your computer is severely infected and you have difficulty using it, you may need the assistance of a computer technician to get it working again.
     
  2. It’s possible that your account was compromised by information obtained through your email account. You should change the password for any email addresses listed in the contact details of your iiNet account.
     
  3. Open your web browser and go to http://192.168.1.1.
     
  4. Log in with the default username "admin" and default password “admin”. If you have changed your login details from the defaults, log in with your custom credentials instead.
     
  5. If you find that you can’t log in due to incorrect login credentials, you may need to factory reset your modem to return the username and password to the default “admin”.
     
  6. Click Basic in the left-hand column and then select WLAN.
     
  7. Make sure Security is set to WPA2 PSK and then enter a new, different WPA Pre-shared key (WiFi password). If you don't actively use WPS to connect devices to your WiFi network, untick the WPS Enable box and then click Submit.
     

     
  8. The next step is to change your modem's login password to something different from the default "admin". After your WiFi changes have saved, click Maintenance in the left-hand column and then select Account.
     
  9. Select "admin" from the User Name drop-down menu. Enter a new, different password into both the New Password and Confirm Password boxes.

    Note: You may also change the default username "admin" to something different if desired.
     

     

  10. Before hitting Submit, write down your new modem login details and keep them somewhere safe for future reference.
     
  11. Call us on 13 22 58 for assistance in changing the passwords for your service.
     
  12. Once these security measures have been taken, you may request that your VoIP service be unsuspended. As always, you are accepting the risk that failure to keep your home network secure may lead to further exploitation of your services and you are liable for any charges resulting from a security breach outside of the iiNet network.
     
  13. Remember - the integrity of your network is your responsibility. iiNet cannot ensure that your network and the devices attached to it are secured - we may only be able to secure iiNet provided hardware. Only request that your VoIP service is unsuspended once you know that the problem has been detected and resolved.
     
  14. Your VoIP unsuspension request may take up to 2 working days to process.

 

These instructions will only work for the NetComm model sold by the iiNet Group.

  1. Run an antivirus and anti-malware scan on your computer and remove any infections found. If your computer is severely infected and you have difficulty using it, you may need the assistance of a computer technician to get it working again.
     
  2. It’s possible that your account was compromised by information obtained through your email account. You should change the password for any email addresses listed in the contact details of your iiNet account.
     
  3. Open your web browser and go to http://10.1.1.1.
     
  4. Log in with the default username "admin" and default password “admin”. If you have changed these settings from the default, log in with your custom details instead.
     
  5. If you find that you can’t log in due to an incorrect username/password, you may need to factory reset your modem to return the username and password to the default “admin”.
     
  6. You'll see the Basic view of your modem's settings. At the bottom of the page, click Switch to advanced view.
     
  7. Click Security Settings in the top menu bar and then select Miscellaneous from the drop-down menu.
     
  8. Make sure the the Enable box for Remote Administration is not ticked. Click Save if you had to make any changes.
     

     
  9. Next, click Network Setup in the top menu bar and then select Change Password from the drop-down menu.
     
  10. On this page, you'll need to change the password to log into your modem settings to something different from the default password "admin". You may need to enter "admin" into the Old Password box before entering a New password and repeating it in the Reconfirm box.
     
    Note: You may also change the default username "admin" to something different if desired.
     

     
  11. Before hitting Save, write down your new modem login details and keep them somewhere safe for future reference.
     
  12. Next, click Network Setup in the top menu bar and then select Wireless 2.4GHz from the drop-down menu. If you use the 5GHz network for your WiFi, select Wireless 5GHz instead.

    Note: If you use both, please repeat step 13 for both the 2.4GHz and 5GHz networks.
     

  13. Make sure Authentication is set to WPA-PSK/WPA2-PSK and then enter a new, different password in the Pre-shared Key box before clicking Save.
     

     
  14. Call us on 13 22 58 for assistance in changing the passwords for your service.
     
  15. Once these security measures have been taken, you may request that your VoIP service be unsuspended. As always, you are accepting the risk that failure to keep your home network secure may lead to further exploitation of your services and you are liable for any charges resulting from a security breach outside of the iiNet network.
     
  16. Remember - the integrity of your network is your responsibility. iiNet cannot ensure that your network and the devices attached to it are secured - we may only be able to secure iiNet provided hardware. Only request that your VoIP service is unsuspended once you know that the problem has been detected and resolved.
     
  17. Your VoIP unsuspension request may take up to 2 working days to process.

 

The instructions used here should work for iiNet’s Budii Lite, Budii, BoB2 and BoB Lite. To show an example, screenshots have been taken with a Budii.

  1. Run an antivirus and anti-malware scan on your computer and remove any infections found. If your computer is severely infected and you have difficulty using it, you may need the assistance of a computer technician to get it working again.
     
  2. It’s possible that your account was compromised by information obtained through your email account. You should change the password for any email addresses listed in the contact details of your iiNet account.
     
  3. Open your web browser and go to http://10.1.1.1.
     
  4. Log in with the default password “admin”. If you have changed your modem password from the default, log in with your custom password.
     
  5. If you find that you can’t log in due to an incorrect password, you may need to factory reset your modem to return the password to the default “admin”.
     
  6. Select Advanced Settings from the top menu bar and then select Modem password & remote management from the left-hand column.


     

  7. Enter a new modem password that contains a mix of upper and lower case letters, and numbers. You must change your password even if it was not previously set to the default “admin”.


     

  8. Make sure that Remote Management is set to OFF or Disable.


     

  9. Before clicking the Save Settings button in the upper right-hand corner, write down your new modem login password and keep it somewhere safe for future reference.
     
  10. You may be required to log in to your modem again with your new password.
     
  11. Select Set up my Wireless from the top menu bar.
     
  12. For Primary SSID Security Options, make sure that WPA/WPA2-PSK and Passphrase (8~63 characters) are selected.
     
  13. Enter a new password for your wireless network in the Pre-shared key text box. It must be at least 8 characters long and should contain a mix of upper and lower case letters, and numbers.

     
     

  14. Call us on 13 22 58 for assistance in changing the passwords for your service.
     
  15. Once these security measures have been taken, you may request that your VoIP service be unsuspended. As always, you are accepting the risk that failure to keep your home network secure may lead to further exploitation of your services and you are liable for any charges resulting from a security breach outside of the iiNet network.
     
  16. Remember - the integrity of your network is your responsibility. iiNet cannot ensure that your network and the devices attached to it are secured - we may only be able to secure iiNet provided hardware. Only request that your VoIP service is unsuspended once you know that the problem has been detected and resolved.
     
  17. Your VoIP unsuspension request may take up to 2 working days to process.

 

  • Regularly scan your computer for viruses and malware.
     
  • Make sure your wireless network has a secure WPA/WPA2 password, and don’t share this password with anyone you don’t want to have access to your network.
     
  • Change the password for your modem from the default setting.
     
  • Never share your passwords over email, instant messengers or social media. If you need to record any password, write it down on a piece of paper and keep it somewhere safe.
     
  • Never enable remote management on your modem without setting it to a static IP address of a secure computer that is also owned by you. If you don’t set a static IP address for remote management, then any computer can access your modem remotely and potentially compromise your services.
     
  • Make sure that your modem is running the latest version of its firmware. We’re always making improvements to the default settings to reduce the risk of a compromised account, such as removing the option to have remote management enabled while the modem password is still set to the default “admin”.

 

Was this article helpful?

YesNo