SCS Detect
Back to the blog
ThreatsBy the SCS Detect team· May 24, 2026· 3 min read

Wiretapping Landlines, VoIP and PBX: Vulnerabilities Few People Know

Corporate telephony remains a target for interception, from old copper pairs to digital PBX and VoIP. Learn the weak points of each technology and how to protect your conversations.

The wiretap didn't die, it just evolved

Many people believe tapping phones is a thing of the past, overshadowed by mobile phones and messaging apps. The reality is different: landlines, the corporate PBX and VoIP still carry critical information, and each of these layers has specific vulnerabilities. The traditional copper pair can be intercepted with a simple parallel tap; the digital PBX can be configured to record extensions; and VoIP, traveling as data, is exposed to network attacks.

The appeal for eavesdroppers is the richness of the content. In offices, negotiations, instructions to suppliers and sensitive data still travel by voice. Precisely because it looks like 'old technology,' landline telephony is often neglected in security audits, becoming a convenient blind spot for anyone wishing to listen.

Landlines: the simplicity that becomes a weakness

On a traditional analog line, the voice signal travels through a copper pair that leaves the handset, passes through distribution boxes in the building and continues to the carrier's central office. Each of those points is an opportunity for interception. A parallel tap connected anywhere along the line allows the conversation to be heard; versions with a transmitter send the audio by radio to a nearby receiver, with no additional wire visible on the device.

The most vulnerable points are telephony boxes in common areas, distribution cabinets and cabling segments outside the company's direct control. Since these locations are rarely inspected, a device can stay active for long periods. Detection requires electrical analysis of the line and physical inspection of the entire infrastructure, not just the handset on the desk.

PBX and VoIP: threats that live in software

A modern PBX is, in practice, a computer that manages calls. If misconfigured or compromised, it can be instructed to record extensions, divert calls or activate remote listening with no visible physical change. Factory default passwords, exposed administrative access and outdated firmware are frequent entry points for this kind of internal compromise.

In VoIP, voice becomes data packets and travels over the same network as emails and systems. Without proper encryption, calls can be captured through network interception techniques and reconstructed into audio. Weak configurations, poorly segmented networks and vulnerable IP devices expand the attack surface, requiring an approach that unites telecommunications security and information security.

Signs your line may be compromised

Some indicators deserve attention: unusual noise, clicks or echo during calls; volume that drops for no reason; a phone that shows signs of life even on the hook; or bills with unexplained calls and traffic patterns. In the digital environment, PBX access logs at strange hours and configurations changed without authorization are also relevant warnings.

It is important to stress that many modern taps produce no perceptible symptom. The absence of noise does not guarantee security. That is why, in sensitive environments, periodic technical assessment is more reliable than the subjective perception of those who use the phone day to day.

How to protect your voice communication

Protection combines technical sweeps with good configuration practices. During the sweep, we electrically analyze the lines, inspect boxes and cabling, audit the PBX configuration and assess the security of the VoIP environment. In parallel, we recommend changing default passwords, segmenting the network, encrypting calls and enforcing strict control of administrative access.

SCS Detect has spent 18 years protecting the communications of companies and executives, with teams in Sao Paulo, Rio de Janeiro and Brasilia. If your organization handles sensitive information by phone, it is worth talking to our specialists to design a protection strategy that covers everything from the copper pair to VoIP.

You may be under surveillance right now.

Talk to SCS Detect through a secure channel. Confidential service in São Paulo, Rio de Janeiro and Brasília, and across Brazil.

Request a confidential sweep