The iPhone lockscreen has not been exactly the most secure out there but in a newly discovered exploit it shows how Siri will let anyone call, text or email anyone on your contacts list from your phone. The gist of things is that on a locked iPhone with Siri enabled all you need to do is invoke the assistant and use a verb like “Call” “Text” or “Email” and Siri will ask you who and you can type a single letter. From there Siri will allow you to input other that gives you access to the devices entire address book.
Fortunately the fix is pretty simple, disable Siri and logically it will take a lot for the person to have the perfect situation to do so but if they do, it may just be a next level phonejack. For the meantime, play it safe and disable Siri, I mean you don’t really use it now do you?