Voicemail hacking is a real concern for your business
With information security breaches now a regular thing, you’ve hopefully done the basics to protect your business.
• Have you installed a powerful firewall to hold off web-based attacks? Nice start.
• Have you instituted a routine and mandatory email password reset system for employees? Excellent second step.
• Have you backed up and encrypted your website? Smart.
• Have you educated your staff on common email phishing practices, including never opening attachments from external emails? Now you’re cooking.
• How about protecting your voicemail systems? Before you ask, yes, voicemail hacking is a real concern.
Do you have valuable information in your employee voicemail inboxes? The answer is often yes, but that information is rarely what voicemail hackers are looking for. The real moneymaker for them is hijacking a voicemail account and tricking calling services into connecting collect calls that can run up a hefty tab on the account.
Thankfully, there are a few preventive measures you should consider. To begin with, the reason voicemails are easily hacked is due to the common four-digit passcode scheme. Countless users set up their voicemail with an easy-to-remember passcode. They use four of the same number, four sequential numbers, the street address of the business or their birthday. Even worse, with texting and email so popular, some voicemails are never set up and simply sit in default mode waiting to be hacked.
A few of these lazy, unoriginal or formulaic tendencies of the modern professional can be handled on tech end by asking your voicemail provider to prohibit certain passcode combinations. However, the hard work will be in resetting the brains of your employees. This hack isn’t really about technology, but rather about human beings in what is known as social engineering. Once a hacker discovers who works for you, it takes only a bit of online snooping to discover their home address, phone numbers, past phone numbers, birthdates, family birthdates,
graduation class year, and any zip code where they’ve ever lived. These numerical datasets are the fuel that
hackers need to crack open your system. You need to institutionalize the necessity of random or significant
If this doesn’t work, you could go the expensive route and integrate a random-number-generating device that supplies users with a unique passcode every access attempt. Otherwise, hold a few staff meetings and impress upon your employees how their voicemail laziness is putting the entire company at stake. ♦
Patrick Boberg is a central Iowa creative media specialist. Follow him on Twitter @PatBoBomb.