Threat of Fake Wi-Fi Networks Very Real, Security Firm Finds
In order to make a point about how people can be easily fooled into connecting to ‘fake’ Wi-Fi networks, antivirus company Avast, which recently acquired AVG, another antivirus firm, set up public Wi-Fi networks (these are the ones which can be logged on to without a password) at the US Republican National Convention in Cleveland, Ohio. The networks had names such as ‘ATT Wi Fi’ as well as ‘I vote Trump! Free internet’ and ‘I vote Hillary! Free Internet’.
When one connects to a public, unsecured Wi-Fi network, what he/she does online can be seen by anyone else on the same network. This is how hackers first find their targets – only the mobile devices/computers those who log on to internet banking sites would be worth hacking into to steal login credentials, which could be made use of for personal gain.
Avast found that about 14 of the 1,200 delegates made use of online banking services on their public Wi-Fi networks. Avast could also gather the identities of about 100 delegates. 44.5% of the participants checked their email or chatted using messaging apps, while about 61 played the popular Pokémon GO game. 78 delegates shopped online on Amazon and three visited PornHub. Eight of the delegates also made use of dating apps like Tinder and OKCupid.
Additionally, they found that 56% of them used Apple devices. 28% of those attending the convention were on Android devices and a small 1.5% (this translates to 18 delegates) on Windows phones. 41 delegates used MacBook laptops.
Just imagine what a determined hacker could collect about you if he/she was monitoring the Wi-Fi network you were connected to. To make things easier (encrypted networks that require passwords are harder to crack), they create public Wi-Fi hotspots using their own devices with names like ‘Starbucks_Guest’ when the Wi-Fi offered by the coffee shop may have ‘Starbucks’. On seeing both networks, and one encrypted, most people would assume that the encypted one is for employees and the public one for them. This is how hackers beguile innocent people. It has been estimated that one out of every five Australians have been the victim of a cyber attack already.
With a VPN, you don’t connect to a website. Even when using a public Wi-Fi network, you connect to a VPN server from where data is routed to and from websites. And the connection between you and the VPN server is encrypted, meaning the hacker can see only a string of random characters and the IP address of the VPN server, which doesn’t tell him anything.