File this in the “uh-oh” department. Apparently there’s a small issue with Android devices on AT&T that allows pretty much anyone to gain access to your voicemail. Downloading any number of caller ID spoofing apps in the Android market is the only requirement. Simply input the destination number and then set the spoofing caller ID app to mimic the destination number. As long as the number in question doesn’t have a voicemail password, you’re in.
From the looks of things, AT&T already knows about the vulnerability. Though they incorrectly implies that these “spoofing apps” exist solely to hack into peoples’ voicemail accounts in efforts to topple the world. But who’s counting, eh?
Moral of the story is pretty basic — put a password on your voicemail folks.
Slashdot
