Free WiFi - what could possibly go wrong
We love WiFi. We depend on it for everything from checking train times to email, twitter to what our friends had for dinner. In cities it's everywhere - in cafes, bars, restaurants and public places.
Some say love is blind, and when it comes to free WiFi, this is very, very true. When was the last time you double checked that the WiFi you're about to connect to is actually the name of the WiFi that the establishment we're in offers?
As an example, let's say you're in a coffee shop called "Peter's Place". If you turned your mobile on and saw "Peter's WiFi", would you stop to consider whether Peter's Place actually offered WiFi, or would you just connect?
It's not particularly difficult to set up fake WiFi. Sat at the back of the coffee shop blending in with the other laptop users, it wouldn't be hard for a hacker to broadcast a fake WiFi ID. As customers connect to the fake WiFi, their all of their usernames and passwords flow through the fake WiFi out to the internet, and return traffic equally so.
It's not particularly difficult to set up fake WiFi and harvest usernames and passwords for later use.
The fake WiFi is transparent to the customers. As they're happily checking their bank accounts, or email, or social media - all of those credentials are there for logging and later (or immediate reuse by the hacker).
There are a couple of things you can do to protect yourself:
- Check that the WiFi is definitely what you think it is, and if you're not sure, ask.
- Use a Virtual Private Network (read more about VPNs here).