How can hackers get into your voicemail?
A man looks at his email on a Blackberry.
Staff at the paper are accused of hacking the voicemail account of a 13-year-old murder victim as well as the accounts of family members of soldiers killed in Iraq and Afghanistan.
We spend a lot of time on this show talking about computer security and how to ensure maximum privacy for your online life. But how much thought do you ever really give your voicemail? We talk to Graham Cluley of the security firm Sophos, who says the methods people use tend to be pretty low-tech.
"Simplest way," he says, "is if you phone someone's mobile while it's in use, you can pretend to be the owner to access voicemail. If the owner hasn't changed his voicemail PIN from the default, you can type it in and listen to messages. So you might type in 1768 or 1111 or whatever it is for that operator and you listen to those messages."
"Then there's the dirtier method: Call up the carrier, pretend to have forgotten your PIN and ask them to reset it. Or bribe someone at the call center and say, 'You're not on a good wage, I'll give you money to give me access.'"
As for what you can do to prevent hackers on your own voicemail, Graham says don't make it easy for the bad guys: "You shouldn't keep your voicemail PIN standard, make sure it's not your birthday. Don't make it the same number as your ATM either. I've seen that unravel. We've done studies showing most common PINs, I'm afraid, are people using 1111 or 1234. You've got to mix it up more, but make it something you can remember."
Graham says more phone companies are now insisting that you choose a PIN that is different from the default. Of course, then it's up to you.
Also in this program, we talk to Lee Thach. He just won a contest sponsored by the Centers for Disease Control for a Facebook game app he created called Flu-ville. Imagine Cityville but everyone in it could get a horrible cough.