Quality Investigators from FindaDetective

articles
phone hacking
phone message hacking

What is phone hacking?

What is phone hacking

Phone hacking generally means the access of voice messages held by the phone service on their servers.

This is done without accessing the physical phone handset.

The hack relies on many people not changing the default pin number on the voice message service, or using a simple to guess pin. To make it easier for the hackers service providers did not lock the message box if the pin was entered incorrectly a number of times.

Always change the default pin number. And try to make it something difficult to guess.

About phone hacking

In the UK phone hacking came to prominence during the scandals in which it was alleged (and in some cases proved in court) that newspapers were involved in the accessing of mobile phone voicemail messages of the British Royal Family, other public figures, and members of the public.

Fixed line phone hacking

Fixed line phone hacking can also mean intercepting telephone calls to listen to the call in progress. This can be done by placing a recorder on the physical telephone line, or by placing a recorder or short range transmitter in the telephone handpiece.

Mobile phone hacking

Mobile phone hacking can also mean:

  • intercepting mobile telephone calls to listen to the call in progress
  • taking covert control of the mobile phone to receive copies of text messages and other activity, and to remotely listen to activity around the phone

This is done by installing software on the phone to provide the functionality that is remotely accessed. The phone user is not aware of the operation of the software. Information is sent using the phone data capability and is not readily identifiable from the phone bill.

There are also flaws in the implementation of the GSM encryption algorithm which allow passive interception. The equipment needed can be built from freely available parts and designs are available on the internet. Mobile operators are updating the encryption software to overcome this flaw but it has yet to be updated by all operators.

Another approach is called bluesnarfing, which is unauthorized access to a phone via Bluetooth. This can only be done by someone close to the mobile phone due to the short range of bluetooth.

Guarding against unauthorised voicemail access

Security of any device is a compromise between ease of use and security. Generally the easier to use then the less secure. Many electronic devices, such as mobile phones, the ease of use is a prime consideration. Security is an ‘inconvenience’ that the user does not want.

The consequence of this is that the devices and services can often easily be hacked. If you want high security expect to have some inconvenience. Until such times as we are all ’chipped’ at birth, as many pet dogs are, we will have to put up with the inconvenience of passwords and authentication devices if you want good security.

The password is the weakness in the security of voicemail systems. Mobile phones allow access to voicemail messages via a fixed line telephone, requiring the entry of a Personal Identification Number (PIN) to listen to the messages. Many mobile phones are supplied with a factory default PIN which not all voicemail systems force to be changed on first use. These default numbers are available on the internet. You MUST always change the default PIN / password.

Research has shown that the most common PIN numbers are “1234” and “0000”. Year of birth, graduation, marriage, birth of child are also common. These are all numbers that are easy to guess if someone knows some background information about you.

You should use a ‘strong’ PIN. That is a ‘random’ set of numbers that are easy for you to remember but not easy for other people to guess. If you have concerns that your voicemail has been accessed then change the PIN immediately. Also consider changing it regularly. The downside to this is that you have to remember the new PIN.

We all have many PINs and passwords. There is a temptation to make them all the same. Do NOT. If one PIN / password is discovered it would give someone access to other services / accounts belonging to you if they were the same.

Although it is inconvenient to have multiple PINs never use the same PIN on two services. Be honest do you have all your credit / debit card PINs set the same? If yes, then now might be a good time to change them to different numbers.

Can suppliers do more?

There are a number of actions that suppliers can take:

  • force change of PIN when voicemail service is activated
  • disallow common PINs such as “1234” and “0000”
  • force longer PINs of more than 4 digits
  • lock an account when the PIN is entered incorrectly a number of times

Some mobile phone companies are tightening their security. However there is a reluctance as many users do not like the inconvenience of security.

If you want good security expect to have inconvenience.

Legality

Phone hacking is a form of surveillance, and is illegal in many countries unless it is carried out as lawful interception by a government agency.

In the UK phone hacking is an offence under the Regulation of Investigatory Powers Act 2000.

or click on map to find a local private investigator