Security & Fraud

Quick Response to a Compromised User/Device

The VoIP Help Page Team·2 min read·Last updated: March 14, 2026

**Scope:**

The following steps will allow you to quickly response if a user/device is suspected to have been compromised.

Requirements:

Access to Manager Portal (Reseller and Higher)

What to do if a user/device credentials are compromised.

1
Set user permission to Deny All
2
Log in to the Manager Portal and navigate to Domains
3
Navigate to Users and click the affected user
4
Under the Profile tab, scroll down to Dial Planning and set Dial Permission to Deny All, and click save
5
Re-create the user device
6
While you're in the user profile, click the Phones tab, make notes of the Mac Address if it's a hard phone device, Model, Record Calls setting, and Name. Click Delete next to the affected device
7
Click add phone, Enter the Phone Suffix you noted as name, select Record Calls setting and click Add button. If this is a hard phone, select the model device, Set the Record Calls setting , andenter the MAC address and click Add.
8
Reset Manager Portal Password and Voicemail PIN
9
Go to Users -> Select the affected user -> Advanced
10
Click Force Password Reset
11
You may now revert the dial permissions back to what they were, and this user will be all set.

What to Do If You've Been Compromised

Security & Fraud

Toll Fraud Prevention Checklist

Security & Fraud

Good Cyber Hygiene Best Practices

Security & Fraud

Was this article helpful?