Beware of free Wi-Fi: Some Advice from the FBI
You’re at the airport waiting for your flight. With time to kill, you’re thinking of connecting your laptop to the airport’s Wi-Fi to check your office e-mail…do some personal banking…or shop for a gift for your spouse.
But first, consider this: odds are there’s a hacker nearby, with his own laptop, attempting to “eavesdrop” on your computer to obtain personal data that will provide access to your money or even to your company’s sensitive information.
Here’s something else to consider: there are 68,000 Wi-Fi “hot spots” in the U.S. (see the graphic below for the top Wi-Fi countries), at airports, coffee shops, hotels, bookstores, schools, and other locations where hundreds or thousands of people pass through every day. While many of these hot spots have secure networks, some do not, according to Supervisory Special Agent Donna Peterson of our Cyber Division. And connecting to an unsecure network can leave you vulnerable to attacks from hackers.
How do hackers grab your personal data out of thin air? Agent Peterson said one of the most common types of attack is this: a bogus but legitimate-looking Wi-Fi network with a strong signal is strategically set up in a known hot spot…and the hacker waits for nearby laptops to connect to it. At that point, your computer—and all your sensitive information, including user ID, passwords, credit card numbers, etc.—basically belongs to the hacker. The intruder can mine your computer for valuable data, direct you to phony webpages that look like ones you frequent, and record your every keystroke.
“Another thing to remember,” said Agent Peterson, “is that the connection between your laptop and the attacker’s laptop runs both ways: while he’s taking info from you, you may be unknowingly downloading viruses, worms, and other malware from him.”
Businesses that offer free or ad-hoc Wi-Fi often don’t know their networks have been breached. Individual victims usually don’t realize they’ve been targeted either until it’s too late