Wednesday, September 05, 2007

Business Travelers Beware: Free Wi-Fi Scam Strikes at Airports

This Better Business Bureau consumer bulletin is sponsored by San Diego Gas & Electric, a Sempra Energy utility.

In order to keep up in today’s world, a business needs to make sure its employees stay connected, even on the road. Many airports and other public spaces offer free wireless, or Wi-Fi, connections for the public to log onto the Internet from their laptop computers. The Better Business Bureau (BBB) warns that hackers are now taking advantage of this convenience and setting up fake Wi-Fi connections designed to steal your personal information and files without you even knowing.

How it works:


Although hackers can and have set up fake Wi-Fi connections in a number of venues, usually they will target consumers at airports. When searching for connections, consumers may see a network connection available that could be simply named “Free Wi-Fi.” Thinking it’s the free connection offered by the establishment, they’ll log on. Unfortunately, the network may actually be an “ad-hoc” network, or a peer-to-peer connection. The user will be able to surf the Internet, but they’re doing it through the hacker’s computer. And the whole time, the hacker is stealing information like passwords, credit card and bank account numbers, and social security numbers. Beyond simply stealing keystroke information as the user enters various types of data, if the PC is set to share files, the hacker could even steal whole documents from the computer.

Airports across the nation continue to report on Wi-Fi security issues. Officials in Atlanta, New York LaGuardia and Los Angeles airports have all reported the existence of ad-hoc networks advertised as free Wi-Fi connections. An investigation revealed that Chicago O’Hare had 20 ad-hoc networks present that were potentially designed with the intent of hacking into unsuspecting user’s computers and networks.

The BBB offers the following advice on how to keep yourself safe when you go wireless:

  • Never connect to an unfamiliar ad-hoc network, even if the name sounds genuine. A hacker can change the name of his network to anything he wants, including the name of the legitimate Internet connection offered by the airport. Just because it has the same name as the Wi-Fi advertised in the airport, don’t believe it. For more information on how to distinguish between an ad-hoc network and a normal Wi-Fi network with Windows Vista or XP visit http://support.microsoft.com/.
  • Make sure that your computer is not set up to automatically connect to non-preferred networks. Otherwise your computer could automatically connect to the hacker’s network without your knowledge.
  • Turn off file sharing when you’re on the road to prevent hackers from stealing entire documents, files and unencrypted e-mail from your computer.
  • Create a Virtual Private Network (VPN) for your business. A VPN establishes a private network across the public network by creating a tunnel between the two endpoints so that nobody in between can intercept the data. Many companies allow remote users to connect to corporate networks as long as they use VPN. This keeps the users' communications just as secure as if they were sitting at a desk in the building.
The BBB is here to help with advice you can trust. For more information on identity theft, fraud prevention, and keeping your company secure online, visit http://www.sd.bbb.org/.

No comments: