iPhone users beware: your voicemail isn’t secure!
One of the greatest features included in iPhone is visual voicemail; Apple has taken the nature of voicemail to the next level of user-friendliness. However, AT&T has failed to alert users to a huge security hole in their voicemail system: anyone can listen to your voicemail at their whim!
Help Net Security says this doesn’t just apply to the iPhone; apparently this exploit is based on a loophole in Cingular/AT&T’s voicemail settings that was identified over a year ago by security researcher Nitesh Dhanjani, who pointed out that basic Cingular voicemail only required users to call from their own numbers to access account voicemail.
The same researcher acquired an iPhone at launch and tested his previously proven theory on new technology, and surprise surprise…AT&T has failed to up the security of Cingular’s already-flawed voicemail system. Curious how all your bits and pieces could be listened to by anyone? Here’s how it works:
1. Obtain a Spoofcard, which allows users to simulate numbers different from that of the cell phone they call from.
2. Choose the number of a phone you would like to access, and enter it in using your spoofcard.
3. Call voicemail using the spoofed phone, and listen freely to unsecured voicemail.
What that means is anyone can access your unsecured voicemail on the AT&T network at their leisure…here’s the fix it:
Call your voicemail and go through the prompted response system for setting up a password; by doing so, users will still be able to “access” your account, however without a password, they will catch the ultimate shut-down.
Take this very, very seriously; there are too many jealous girlfriends and sketchy business associates out there to not take the necessary precautions.
Related Posts:
April 20th, 2010
Your completely right about the loophole and security breech in the voicemail system but let me tell u ; it’s far worse than you think . It’s also far easier to do. All you need to do is call 1800 Cingular and access the automated system . Push three as prompted , then enter the phone # ur hacking then their area code and bam ur in and can do ;
change the password
listen to voicemail saved and deleted
delete voicemail as u like or save it
get all the info like who called , when they called and what time they called
This is astonishing how easy your personal info is compromised and I’m sick of AT&T’s lack of concern