Voicemail Hacking Leaves Ears Ringing
from the pay-for-it-yourself dept
The LA Times (registration required - I'll post a non-reg req'd version if it's found) is reporting that there's a growing trend of "voicemail hacking", where some scammers trick certain phone numbers into accepting third-party billed calls. The way it works is fairly simple. First, a hacker breaks into a voicemail account by using easily guess PIN numbers (or using the "default" PINs from certain phone companies). Then they record a message approving changes to their phone plan, set up in a specifically timed way to sound as though they are responding to an automated, voice-activated, call from the phone company to make sure the changes are correct. Since it's basically two recorded systems talking to each other, it's easy to set it up so that the phone companies are duped. Now, the scary part is that the phone companies don't seem to care. Most of them haven't changed their procedures for checking to make sure you want to change your phone preferences - and (much worse!) they say that they still expect the customers to foot the bill (which often runs into the tens of thousands of dollars). If they can't create a more secure system, then I don't see why they shouldn't be forced to wipe out these charges. Update: Wired News is running their own version of the story.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
No Subject Given
[ link to this | view in chronology ]
Re: No Subject Given
[ link to this | view in chronology ]
Bell South
And in Columbus, Ohio it was possible to turn off phones and turn on and off features by knowing the phone number and address only. Maybe you need the name as well, it's been awhile. You could call from any phone, not the phone that the changes would be made on. A friend decided to "give" me caller ID. I found out when the caller ID box that I connected started working. I had been too lazy myself to call the phone company to get the service turned on.
[ link to this | view in chronology ]