Product Communities
Sign In Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Getting started | Community guidelines
Plexus_Tech
New Contributor

Voicemail Hack

Hello All,

 

Just a word of caution to be sure to reset voicemail PINs.  We had a client where a hacker pulled their main company phone number off their website, called their number in the middle of the night, waited for voicemail to come up, pressed *, and used the default PIN of 0000, which allowed him access to listen to the voicemails stored in the shared mailbox.  There happened to be a message there from one of their customers and he took down the customer's info and contacted them the next morning, representing himself as an employee of our client, trying to sell them services via a CVS gift card.  That made the person who was called suspicious enough to hang up and call the company directly.

 

That same client let us know they heard from another firm that a similar thing had happened to them.  I don't know if it's a wide-spread thing, but I had not heard of it before.  I just wanted to let everyone know to remember to go back and check for default PINs on exposed mailboxes and reset them.   Unfortunately, hackers will use any and every possible means of getting info to make scam calls!

 

John

‎03-13-2024 03:56 PM
0 Kudos
Reply
4 REPLIES 4
GlennD
GoTo Manager
GoTo Manager

Re: Voicemail Hack

Hi @Plexus_Tech, welcome to the community.

 

Thank you for bringing this important issue to our attention. We will absolutely make sure this is highlighted for new customers when they are setting up voicemail and encourage existing customers to review the PIN codes they are using.

 

Glenn is a member of the GoTo Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!.
Do you want a new feature added? Make sure you Kudo (vote) for the Idea

Free user and admin training
‎03-13-2024 04:14 PM
0 Kudos
Reply
mkeaton
Contributor

Re: Voicemail Hack

Wow I'm actually shocked this hasn't been emailed out to anyone yet! After dealing with the fall out from the change healthcare hack we wont be waiting to remedy this one.  GoTo could be preemptive and simply make it anything other than 0000 when starting up and requiring a PW change on set up. Once a vulnerability is found it should be corrected.

 

For those that do them, this should be noted in your Risk Assessments (HITECH)

 

Thank you so much for sharing!! Now to change 80 users VM PINS lol

‎03-21-2024 04:07 PM
0 Kudos
Reply
GlennD
GoTo Manager
GoTo Manager

Re: Voicemail Hack

@mkeaton We do cover this in our onboarding and support documentation when setting up voicemail, changing the PIN is the last step in the process. We are looking into appropriate reminders for customers to check that they/their users completed changing their PIN in the last step.

 

Glenn is a member of the GoTo Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!.
Do you want a new feature added? Make sure you Kudo (vote) for the Idea

Free user and admin training
‎03-21-2024 04:59 PM
0 Kudos
Reply
Plexus_Tech
New Contributor

Re: Voicemail Hack

Hi Glenn,

 

Thanks for that response.  Maybe something from GoTo stressing the importance of changing that PIN.  I don't think the average user even thinks that someone could use that to get into their email.

 

Thanks,

 

John

‎03-21-2024 05:55 PM
0 Kudos
Reply
About Us
Terms of Service
NEW Privacy Policy
Trademark
© 2024 LogMeIn, Inc. All Rights Reserved