Imagine someone jeopardizing your home security system by hacking your phone’s voicemail. There’s been a widely reported story of a British tabloid newspaper accused of accessing voicemail messages of murder victims, government officials, celebrities and possibly victims of the 9/11 terrorist attack.
The story broke in response to the tabloids manipulating voicemail of a 13 year old girl who was a murder victim and soldiers who fought in Iraq and died. The FBI is apparently investigating.
It seems there is a flaw in many telecom systems that allow the snooper to check a targets voicemail as long as the voicemail believes the call is coming from that persons caller ID.
Snoopers can access readymade hacking scripts online to perform these tasks or simply enlist one of many “caller ID spoofing” services. These services allow for anyone to make a call to any number and trick the voicemail into believing it’s coming from the voicemails intended account holder.
Once the voicemail is accessed the caller may not need a PIN or access may be granted via default passwords like 1111 or 0000. When the voicemail receives a call they think is coming from the correct phone number spoofed by caller ID it automatically trusts it.
The quickest fix to protect voicemail is to make sure your voicemail requires a PIN especially when you call it from your phone. And make sure that PIN isn’t a default PIN or one that is easily guessed.