Bell Canada in its infinite wisdom saw fit to reduce the bills of some of its customers that had been hacked. The hack was a breach of the phone mail systems that would allow an attacker to access an use the voice mail as a relay to call, well, anywhere on the victim’s dime.
Or in the case of one law firm $207,000.
From CBC:
The law firm isn’t alone with the billing problem, but Bell Canada spokeswoman Julie Smithers calls the situation “really rare” and a “very old scam” that affects primarily business customers, although she said some residential consumers have been caught.
Here’s how Bell thinks it works: an automated dialer will target a specific phone number, and wait for the voicemail to respond. Then, the computer will go through standard voicemail passwords.
Once it finds the correct password — often a predictable number combination — the automated dialer will choose an option on the voicemail that allows it to make long-distance phone calls.
The part of this story that seems unclear is that were these customers managed by Bell? If so, does that not point to an abject failure in their own password management as opposed to the customers?
But she added “it is extremely important and it is the customer’s responsibility to put passwords in place that are difficult to guess.”
Hmm. But,
Bell Canada spokeswoman Julie Smithers calls the situation “really rare” and a “very old scam” that affects primarily business customers.
Business customers. Like the one’s Bell manages? It’s not like Bell ever makes mistakes. How I loath the spin.
So, whatever happened to the dinosaurs again?
(thx to Andrew Hay for pointing me to this article)