It's not just ropey journalists who employ a little phone hacking...
It’s fair to say that the hacking of mobile phones has been in the news a fair bit over the last week or so. Indeed, the practice has led to the closure of a 168-year-old newspaper, and the arrest of the Government’s former director of communications.
So what is phone hacking, and how do you ensure that you don’t come a cropper?
Read all about it!
For a while now it’s been public knowledge that journalists at the News of the World indulged in a little phone hacking in order to secure news stories. What started out with members of the Royal Family and celebrities has taken a sinister twist though with the revelation that grieving families of terrorist attacks and murder victims also had their phones hacked.
Hacking in this instance means gaining access to the user’s voicemail. And when these activities were at their most popular at News International, this was a pretty easy thing to do. It used to be the case that voicemails came with a standard PIN which allowed you to access the voicemails. The idea was that once you signed up with the mobile provider, you would then go and change that PIN (as well as record a no-doubt ‘wacky’ voicemail message).
Of course, most of us did no such thing, leaving our voicemails open to any enterprising hacker. All they had to do was call your number when it was engaged or the phone was off, and they would have free reign over your inbox. Private investigators also no doubt have access to technology (known as caller ID spoofing) which allows you to impersonate a phone number, so your victim's voicemail provider will think it was the legitimate owner of that phone number calling from their own mobile. In that situation, voicemail providers often didn't even ask for a pin.
Alternatively, it is even thought the private investigators paid sources at CTI, the accounts company which held the accounts information for all the major phone companies except O2, to tell them the pins of celebrities. This is why victims like Sienna Miller - who reportedly changed her Pin hundreds of times - still got hacked.
Perhaps unsurprisingly, given the furore over the ease of phone hacking, the network providers have moved to tighten things up. Default PINs were ditched some time ago, with most providers now requiring you to set up your own PIN when setting up your voicemail.
Related blog post
That at least makes it harder for any hackers to get hold of your messages, though it’s still far from impossible. Picking a PIN with recurring or sequential numbers (4444 or 1234 for example) or your birthday will not give your message facility much in the way of security, so that’s to be avoided.
The real issue here is that voicemail can still be accessed remotely – i.e. from a line other than the mobile itself. So long as that is the case, there will always be opportunities for unscrupulous types to try to hack into your voicemails. And caller ID spoofing technology is still available today.
Of course, it’s not just your voicemails that represent a gravy train to hackers and scammers. Here are some other potential areas your identity may be at risk:
Mobile phone apps are big business these days, worth millions of pounds. And anyone with a smartphone likely has a stack of apps sitting on their phone.
Of course, this presents an opportunity to hackers. All they have to do is get a fake app out into the market, and get unsuspecting users to download it. Earlier this year a number of apps on Google’s Android Market were infected with a form of malware called DroidDream. This malware allowed hackers to access all sorts of information about the phone, such as its unique identifying numbers, potentially giving the hacker the ability to remotely control the device, as well as get hold of any data stored on it.
Currently, the vetting process before you get an app up on iTunes is far more rigorous than those apps available to Android mobiles, so it pays to be extra vigilant if you’re using an Android. It's a good idea to do some research on any app before you download it onto your phone too.
Related how-to guide
Worried about getting caught out by a scam or rip-off? Find out how to protect yourself.See the guide
Accessing information on your finances while on the move is a fantastic development, but also provides an opportunity to scammers. If you’re going to do some banking on your phone, be clear about your surroundings. Scammers known as ‘shoulder surfers’ like to lurk close by, watching you and the details you put into your phone. You're particularly vulnerable if you conduct your online banking in wi-fi hotspots, so avoid doing this.
If you think about it, it’s no different to being smart when using an ATM.
I’ve used the Bluetooth facility on my old mobiles many times in the past, to send music files or photos to friends at close proximity, without having to pay for it. However, like public wi-fi, it is open to hijack, putting your personal information at risk.
Always turn off your Bluetooth when you aren’t actively using it, while switching your settings so that your Bluetooth is not ‘discoverable’ is also a smart move. Finally, be vigilant over only ever accepting connections with people you know.
As a (relatively) young person, I’ve embraced social media. Twitter has become an integral part of my day, while Facebook allows me to share pictures of my son with our relatives across the globe.
However, for all their uses, they do present a potential hazard. Some of my friends share far too much information on their profile page on Facebook, from their mobile phone number to their address and date of birth. All they need is to stick up their mother’s maiden name, and cyber criminals have the full set.
But what is becoming a real concern is the way we use social media when out on the move, with the use of our mobile phones. Too often we feel the need to ‘check in’ to let our friends or followers know exactly where we are. It’s even become some sort of strange game thanks to the likes of FourSquare, where you can ‘oust’ other users and become the 'Mayor' of Pret a Manger or wherever. It's ridiculous.
Of course, by doing this, you are just letting people know where you aren’t – and that’s at home. Insurers are already getting twitchy about paying out on burglaries if you’ve advertised that you are away from home, while organised criminals in the US have taken to scouring Facebook to identify possible properties to rob.
Be the first to comment
Do you want to comment on this article? You need to be signed in for this feature