Should You Hire A Criminal Hacker? >>
<< Scalper Dot Com
 tdicon 


Scams

by Mike Masnick

Wed, Apr 16th 2003 2:40am





Voicemail Hacking Leaves Ears Ringing

from the pay-for-it-yourself dept

The LA Times (registration required - I'll post a non-reg req'd version if it's found) is reporting that there's a growing trend of "voicemail hacking", where some scammers trick certain phone numbers into accepting third-party billed calls. The way it works is fairly simple. First, a hacker breaks into a voicemail account by using easily guess PIN numbers (or using the "default" PINs from certain phone companies). Then they record a message approving changes to their phone plan, set up in a specifically timed way to sound as though they are responding to an automated, voice-activated, call from the phone company to make sure the changes are correct. Since it's basically two recorded systems talking to each other, it's easy to set it up so that the phone companies are duped. Now, the scary part is that the phone companies don't seem to care. Most of them haven't changed their procedures for checking to make sure you want to change your phone preferences - and (much worse!) they say that they still expect the customers to foot the bill (which often runs into the tens of thousands of dollars). If they can't create a more secure system, then I don't see why they shouldn't be forced to wipe out these charges. Update: Wired News is running their own version of the story.

3 Comments | Leave a Comment..


If you liked this post, you may also be interested in...
 

Reader Comments (rss)

(Flattened / Threaded)

  1.  

    No Subject Given

    identicon
    typo police, Apr 16th, 2003 @ 5:33am

    "PIN numbers" should be "PIN". A Personal Identification Number Number could never be guessed as it does not exist.

    reply to this | link to this | view in thread ]

  2.  

    Re: No Subject Given

    identicon
    j keck, Apr 16th, 2003 @ 10:44am

    are we bored now that our taxes are done, or what?

    reply to this | link to this | view in thread ]

  3.  

    Bell South

    identicon
    Bryan Price, Apr 16th, 2003 @ 10:48am

    A friend of mine has had her business line and associated DSL cut off twice now because someone (my wife's ex's stepson if you need to know) called in, and talking to a person got it done. The second time despite "security" matters that were put into effect. The best part of it was Bell South wanting to take two months to get things back on, with a new number no less! Needless to say, it was two hours, and she had her old number back.

    And in Columbus, Ohio it was possible to turn off phones and turn on and off features by knowing the phone number and address only. Maybe you need the name as well, it's been awhile. You could call from any phone, not the phone that the changes would be made on. A friend decided to "give" me caller ID. I found out when the caller ID box that I connected started working. I had been too lazy myself to call the phone company to get the service turned on.

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>


Should You Hire A Criminal Hacker? >>
<< Scalper Dot Com
 tdicon 

A word from our Sponsors...
Follow Techdirt
Flattr rss rss

Powered by Postrank

From the Techdirt Archive...
A word from our Sponsors...

Close

Email This