Voicemail Hacking Leaves Ears Ringing
from the pay-for-it-yourself dept
The LA Times (registration required – I’ll post a non-reg req’d version if it’s found) is reporting that there’s a growing trend of
“voicemail hacking”, where some scammers trick certain phone numbers into accepting third-party billed calls. The way it works is fairly simple. First, a hacker breaks into a voicemail account by using easily guess PIN numbers (or using the “default” PINs from certain phone companies). Then they record a message approving changes to their phone plan, set up in a specifically timed way to sound as though they are responding to an automated, voice-activated, call from the phone company to make sure the changes are correct. Since it’s basically two recorded systems talking to each other, it’s easy to set it up so that the phone companies are duped. Now, the scary part is that the phone companies don’t seem to care. Most of them haven’t changed their procedures for checking to make sure you want to change your phone preferences – and (much worse!) they say that they still expect the customers to foot the bill (which often runs into the tens of thousands of dollars). If they can’t create a more secure system, then I don’t see why they shouldn’t be forced to wipe out these charges. Update: Wired News is running their own version of the story.