If you haven’t been to your own funeral yet, you have most likely heard of the “News Of The World” phone hacking scandal. Once you get past all the talking heads indegnant responses and discussions on “Press Ethic” and Journalists co-opting law enforcement and vice versa you may wonder just how they did that. Where did they find the techies with the savvy to actually hack phones, and could it happen to you. The answer is surprisingly low tech, and that anyone with a Voice Mail account could be a target. here’s how it works:
1. The phone company provides an external number customers can use to access their inbox.
2. The service gives access to the caller dailing in if it recognizes that the customer is calling in from an approved phone number, like their cell phone.
3. The loophole in this system is that the service makes this determination by reading the incoming caller ID.
4. Crooks can easily spoof a user’s Caller ID using Voice Over IP and some software.
1. Most of the time, the service offers an additional barrier of protection by requiring that the person calling in enter a four digit password.
2. The problem is that users are initially given a default password, which they can change once they access the system.
3. Typically, the default password is the last four digits of the person’s phone number.
4. Customers often don’t take the extra step to create a personalized password. Hackers know this and are more than happy to take advantage what can amount to be a serious lapse in judgement.
1. For the sake of convenience, another way users can often access their voice mailbox is by dialing their own number and entering a secure password.
2. Hackers, too, have a way of mimicking this sequence, but it requires that they first have somebody occupy the user’s phone line.
3. While the line is being held up, a call to that number — with the correct spoofed caller ID – goes directly to voice mail .
4. To get past the security password barrier, hackers would sometimes reset the code by calling the provider’s customer service department and successfully impersonating the user.
Don’t you feel safer knowing that? Probably not. This highlights just how easy it is and why it is such an easy target for both hackers and anyone else that thinks ethics is a Greek island.
Here’s one ways that you can protect yourself, though there is no fool proof, 100% way to prevent or protect against such trespasses.
Always activate a personal security code and use strong passwords; see here for what a strong password is. Start there and you can rest a little easier at night. On the other hand, if you have children you just may want to try some of these methods out just to see how easy they are. But that wouldn’t be a Greek island, now would it?