AT&T/Cingular Voicemail Insecure

This post does NOT only apply to iPhones, but rather to all AT&T/Cingular customers. It turns out that anyone's voice mail can be easily hacked even if you have set up a basic password.

The AT&T/Cingular voicemail system is configured by default not to ask for a password when you check your voicemail from the handset (it asks for your voicemail password if you call your number from another cell phone and press * when your voicemail answers). Unfortunately, the AT&T/Cingular voicemail system trusts Caller ID to determine if the handset is calling it. Because Caller ID can be spoofed easily.., anyone can gain access into your voicemail by calling you and spoofing your phone number (it will appear as if you are calling yourself when your phone rings) - should you not answer the call, your voicemail will answer and allow the intruder full access to your messages.

Of course, for most of us this is not an issue. I get few voicemails, and all of them can pretty much be broadcast in Prime Time without fear of embarrassment. But still, it could be used for malicious purposes. The linked article does have a method to prevent unauthorized access, as well.