Cybercriminals Camping Out on Hotel WiFi Using Evil Twins

/in /by

When traveling on business or for pleasure, seeking out a reliable WiFi connection is usually a priority for most travelers. While mobile 3G/4G connections satisfy some, the speed of WiFi for laptops or uploading/downloading larger files doesn’t compare.

NBC news reports, “More and more hotels are stepping up and offering guests free WiFi, but security experts say some thieves are using the popular service to steal guests’ sensitive information, and they’re doing it by tricking people into using a fake free WiFi connection.

“A cyber thief creates a dummy WiFi connection using a mobile hot spot, and will give it a generic name to resemble a hotel’s actual WiFi connection, such as ‘Free Hotel WiFi.’ If a guest connects [his or her] laptop to the dummy WiFi, the thief gains access to all of the guest’s browsing activity, and will often times use a key-logger program to capture username and password information.”

This is called an evil twin: Anyone can set up a router to say “T-Mobile” “AT&T Wireless” or “Wayport.” These connections may appear legitimate but are often traps set to ensnare anyone who connects to it.

Wireless users who connect to an evil twin risk their data being scraped by a criminal who captures all of their unencrypted communications that are going through his wireless router. Each and every wireless data packet is sniffed and captured by a software program that will later piece together all the information in order to steal identities. Unsecured, unprotected and unencrypted communications over an evil twin on any publicly connected WiFi (such as at a coffee shop, airport or hotel) are vulnerable to sniffers.

On wireless connections that aren’t properly secured, your best line of defense is to use virtual private network software that protects your identity by ensuring that all web transactions (shopping, filling out forms, downloads) are secured through HTTPS. Hotspot Shield VPN is free and available for PC, Mac, iPhone and Android.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.