A recent incident at Australian airports has highlighted the problem of unsecured Wi-Fi networks, especially in public places. Free Wi-Fi networks were allegedly set up with the malicious intent of stealing users’ confidential data. To understand the risks and mitigation measures, Sergio Bertoni, Principal Analyst at SearchInform, shared his thoughts.
According to Bertoni, fake Wi-Fi networks are typically created to illegally access users’ personal accounts, such as email or social media accounts, which are often linked to payment services. “Taking control of a single service connected to a personal account, such as email, allows fraudsters to significantly expand the scope of their malicious activities,” he said.
According to Bertoni, the most benign outcome of connecting to a fake network would be to have your account added to a spam mailing list. However, much more serious consequences are possible, including unauthorized changes to passwords for various services, the distribution of phishing emails and malicious attachments, remote control of victims’ devices, and access to critical data stored in the cloud.
Bertoni points out that the ultimate goal of fraudsters is financial gain. “Intruders try to monetize any data they manage to obtain. They can do this in different ways, for example by accessing victims’ bank accounts, selling stolen data on the darknet or blackmailing victims,” he explains.
Describing the fraudsters’ modus operandi, Bertoni stressed that there were no sophisticated technical tricks. “Fake Wi-Fi hotspots are quite similar to phishing sites. The core of this tactic is social engineering. Owners of fake Wi-Fi hotspots gain users’ trust by pretending to be legitimate services,” he said. This trust leads users to enter confidential data such as logins, passwords or verification codes sent via messengers. Ultimately, this allows fraudsters to gain access to these accounts, allowing them to reassign victims’ accounts to different numbers or change their passwords. As a result, legitimate owners lose access to their accounts and services.
To detect fake Wi-Fi networks, Bertoni said there are no universal or defined attributes to rely on. Entities like airports, public transportation, hotels and restaurants typically have a user authorization procedure for public Wi-Fi networks. He advised users to be cautious if they notice anything suspicious during authorization, such as receiving an access confirmation code via a social network instead of an SMS. “Any deviation from the algorithm you are used to should be considered a red flag,” he warned.
For users connecting to a public Wi-Fi network, Bertoni suggested several measures to mitigate the risks. First, ensure that the Wi-Fi hotspot belongs to a legitimate organization by checking with official resources or staff members. If there are any anomalies, it is best to stop the connection. Second, avoid entering credentials on unverified websites. Third, implement two-factor authentication, set a cloud password, or use other layers of protection to secure accounts. Finally, domain verifiers should be used to verify the authenticity of services that require authorization over an open Wi-Fi network; newly registered services should be considered alarming.
While the safest option is to avoid connecting to free public Wi-Fi networks, following these guidelines can significantly reduce the associated risks. Bertoni’s main message to users is to “stay vigilant and surf the Internet safely.”