Significant Threat
IP 87.106.78.3 is a high-risk address associated with VoIP fraud and unauthorized access attempts, drawing from 417 incident reports with a 92% confidence rating. The German-hosted IP demonstrates sustained malicious activity at high frequency, primarily targeting voice-over-internet protocol infrastructure to exploit phone systems for financial gain through unauthorized premium-rate calling schemes.
Community reports and automated honeypot sensors logged this activity consistently throughout May 2026, generating 21 distinct threat events classified as VoIP fraud and hacking attempts. The IP operates within the IONOS SE network (AS8560), a major European hosting provider, which may indicate compromised hosting infrastructure or abuse of legitimate business services. Suricata intrusion-detection systems flagged the address for spurious TCP stream retransmissions consistent with reconnaissance and exploitation patterns typical of VoIP system compromise.
VoIP fraud represents a concrete financial threat to organizations running telephony infrastructure, as attackers leverage compromised or poorly secured phone systems to place unauthorized calls—often to premium international numbers—generating illicit revenue while victimizing both the telephony provider and the organization whose services are exploited. The technical indicators observed suggest active enumeration of SIP endpoints and manipulation of call-session data, exposing any organization with exposed VoIP services to unauthorized usage charges, service disruption, and potential broader network intrusion.
Site operators should immediately block or restrict access from this IP at the network perimeter firewall and implement fail2ban or equivalent log-based blocking to automatically respond to repeated intrusion patterns. Organizations running VoIP services should enforce strong SIP authentication, disable unused extensions, monitor call-detail records for anomalous patterns such as unusual destination numbers or after-hours calling, and restrict premium-rate and international dialing where business requirements allow. Regular audit of telephony configurations and patch management for session-border controllers and PBX systems further reduces exposure to this threat vector.
ES 
GB 
FR 
AT 
VN