South Africans are warned to exercise caution when accessing WiFi in spaces such as airports, as increasing numbers of local users risk having sensitive personal information captured.
Logging in to check bank balances, online shopping or sending e-mails all mean computers have to send login information across the network – which is a goldmine that scammers look for.
“Sitting in an airport is the ideal time to grab your laptop and send out a couple e-mails using a free WiFi hotspot,” says Carey van Vlaanderen, CEO of ESET Southern Africa. “You connect and send, and are off on your way. What you don’t know is that the free Wi-Fi may come with a price: your login credentials and network traffic being sniffed and captured before sending them along to the real WiFi hotspot, and your information stolen en route, undetected.”
According to the findings of the Online Security Brand Tracker, a global research project commissioned by ESET and carried out by InSites Consulting (April-May 2011) and analysis conducted by United Consultants, almost half of the users worldwide connect to the Internet using portable devices as the primary connection device, notebooks being the most popular (41%), followed by netbooks (3%), smartphones (2%) and tablets (1%).
Hotspots with unrecognisable names or ones that closely resembles the name of the official one should raise immediate flags of awareness. Be especially wary of “unsecured” hotspots, where you don’t need to enter a password to gain access, says Van Vlaanderen.
“he magic happens through a proxy technology, which intercepts your Wi-Fi communication, captures and stores a copy locally on the scammer’s laptop, then sending your information on to a ‘real’ WiFi hotspot. This will slow down your traffic a little, but with congested networks, it is often hard to tell if your traffic’s being snooped, or if there are just many users logging in at the same time.”
He also advises users that, whenever they shop online, log in to check a bank balance or catch up on e-mails, the computer has to send the login information across the network – which is where the danger comes in.
“If criminals get their hands on the information, they have all the time in the world to work on decrypting it, and you may notice fraudulent account activity days or even weeks later,” says Van Vlaanderen. “Use caution and pay attention to details when using public WiFi.”