I recently learned about a law enforcement investigative technique used to listen to voice mail messages on other peoples’ mobile phones using caller ID spoofing. This technique is a little old, but not widely known. What might be an effective investigative technique to some is a potential data leakage or corporate espionage issue to others. As a proof of concept, I set up an account with a caller ID spoofing company and was able to access voice mail messages for a variety of personal and corporate Blackberry, iPhone, and cell phone devices. The problem isn’t with the devices themselves, it is with how the service providers handle spoofed caller ID numbers. For the affected providers, if they see the source phone number is the same as the called number, they think the call is coming from the owner’s phone and the call gets dropped directly into voice mail playback if no password or PIN is set. This technique currently works with both AT&T and Verizon and possibly other US providers.
The procedure goes like this:
1). Gain technical ability to spoof called ID info. I created an account with http://www.itellas.com. My account cost $20 for 200 pay-as-you-go minutes.
2). Call spoofing company service phone number. Enter account credentials.
3). Through spoofing service provider phone interface, call target phone with spoofed caller ID number set to the same number as the target. For example you call target 202-555-1379 with the spoofed called ID also set to 202-555-1379.
4). If no PIN/password or other protection is in place for the target’s account, you get dropped straight into listening to voice mail messages on the target phone. So that means as long as you have a good mobile phone number for a target, you might be able to listen to their voice mail messages without their knowledge. This capability directed at the right people could result in the loss of sensitive information since people generally consider their voice mail boxes unbreachable without a court order or subpoena.