The phone hacking and other claims of data intrusion that have been levelled at the News of the World newspaper have resulted in one of the oldest publications in the UK being closed. It has also highlighted a worrying issue, the fact that it is surprisingly easy for unskilled individuals to gain access to voicemail and other mailboxes, largely by taking advantage of default passwords and PIN numbers.
These alleged activities have shown that it is not just high profile celebrities and politicians that can find their voicemail, email and other communications accounts being hacked by an outside entity. Everyday members of the public have allegedly had their privacy and data security compromised by this, again revealing how easy it is for an opportunistic hacker, identity thief or fraudster to infiltrate and intercept sensitive communications for their own gain.
GFI Software has produced some guidance and comment that you might find useful for any follow-up stories you are considering on this issue:
“The various cases that have occurred as a result of the alleged actions of a small group of people – who were not security or surveillance professionals – are a clear illustration that a cavalier attitude towards data security can be exploited by others very easily” said Christopher Boyd, senior threat researcher at GFI Software.
“If there is anything we can all learn from these reports of phone hacking is that everyone needs to take steps to protect their data and access, and be careful about how they protect their information and communications. Changing default PIN numbers on mobile phone and home landline voicemail is an absolute must, as is changing default passwords on wireless routers and turning off file sharing when connected to public networks such as wireless networks in coffee shops, restaurants and airports.”
“Complex passwords for email accounts are incredibly important, especially if you use a prominent free email service like Gmail or Hotmail, while malware remains one of the biggest threats to personal information security, with examples of rogue software – such as the recently shut down Coreflood botnet - designed to illicitly log keystrokes or install ‘back door’ access to your PC in an effort to harvest username and passwords for online banking and retailers where you might have stored payment details. Additionally it is advised not to save sensitive passwords in web browsers. If a laptop or a phone is lost or stolen, the thief would have a full list of passwords and personal information they can use for malicious activity. It’s not just a few rogue investigators looking to do this; these same tactics are regularly in use by criminal gangs and individual fraudsters trying to rip-off the general public”.