Phreaking, the hacking of telephone systems, has entered the VoIP age and could become a big problem unless operators tighten up their security, according to a VoIP specialist.

Hacking phones became something of a cult activity in the 1970s after youngsters – including Steve Wozniac, who built the first Apple computers – discovered that tones pitched at certain frequencies could open lines for free calls.

Hackers tended to present phreaking as a victimless crime because nobody lost any actual money, though operators were deprived of the cost of the calls.

But phreaking's latest incarnation could put VoIP users out of pocket, warns Dave Gladwin, vice-president of products at Newport Networks.

The reason is that VoIP services such as BT's Broadband Talk provide access to paid-for calls, too.

"Actually I like Broadband Talk. It is very useful and basically turns my notebook into a phone," Gladwin says. "I can sit in a hotel room abroad and receive or make calls as if I am at home."

But when those calls are made to landlines or mobiles they have to be paid for. And Gladwin claims that VoIP log-in details are on sale on the web at prices higher than those charged for credit-card details.

Log-in details are relatively easy to harvest at public hotspots because, according to Gladwin, nine out of 10 VoIP providers using the standard SIP protocol do not support encryption. Skype users are not affected because that system uses its own protocols and does encrypt traffic.

Gladwin points out that knowledgeable users will always check that they are on a secure link if they are making an online transaction, but "they don't tend to think about it when they are making an VoIP call".

The trouble is that VoIP operators need to implement encryption – users cannot do it on their own. "At the moment there is no call for them to do it. Encryption will require some investment. They will only spend the money if there is a demand for it," said Gladwin.