How to Avoid Incoming Phantom Calls for Yealink Phones

In some cases it is possible to receive calls from / to non-existent “strange” numbers on your phones, such as 1000, 1001, 2000000, etc. These are typically calls sent by malicious external software that does a port scan on the corporate router. Phones that have a remote connection to a remote PBX or Cloud platforms create a dynamic NAT session in the router which should be “protected”, that is, valid only between the phone and the PBX: however, a router BUG can allow anyone to intrude on the sesisone and then send data traffic to the phone. This BUG therefore allows you to send calls to the phone, calls that in practice do not exist (lifting the handset does not hear anything), for the sole purpose of disturbing the user.

Given that the problem must be solved upstream, by updating the router firmware or replacing it with someone else, in Yealink phones you can prevent these calls from being accepted, with the following few configurations.

The first option is to make sure that the phone only answers the IP of the PBX on which it is registered, and then credit it as such.

  • Go to the Features menu -> General Information -> Accept SIP trust server only
  • Scroll towards the bottom of the page (plus or minus the 6th option from the bottom, depending on the FW version)
  • Find the Accept SIP trust server only parameter and select enabled

 

A second option is to prevent the phone from answering calls directed to its IP address:

  • Go to the Features menu -> General Information -> Allow IP call
  • Scroll towards the bottom of the page (plus or minus the 5th option from the bottom, depending on the FW version)
  • Find the Allow IP call parameter and select┬ádisabled

 

For other phone models refer to the manufacturer’s documentation.