Enterprise network with voip honeypot

Disclosed herein are systems, methods, and computer-readable storage media for a honeypot addressing cyber threats enabled by convergence of data and communication services in an enterprise network 36. Suspicious incoming VoIP calls from the Internet 20 to the enterprise network are intercepted and directed to a VoIP honeypot 40 that acts as a network decoy and responds automatically during call sessions for the suspicious incoming VOIP calls while tracing the suspicious incoming VOIP calls. Suspicious outgoing VoIP calls from the enterprise network to the Internet are also intercepted and directed to the VoIP honeypot. Moreover, an unsolicited VoIP call is redirected to the VoIP honeypot when the unsolicited VoIP call has been received by a user agent in the enterprise network and a human user of the user agent confirms that the unsolicited VoIP call was unsolicited. The enterprise network may also include a non-VoIP 41 and instant message 42 honeypots.