Posts

How a Wi-Fi Hacker Snoops on Your Laptop and Mobile

You have likely heard of the dangers of using unsecure public Wi-Fi, so you know that hackers are out there snooping. It is pretty easy to hack into a laptop or mobile device that is on a public Wi-Fi connection with no protection. Hackers can read your emails, steal passwords, and even hijack your website log ins.

Let’s imagine that you are in a local coffee shop with your laptop. All someone has to do is download a wireless network analyzer, which usually has a free trial, and with the right hardware and additional software they can often see what everyone is viewing online…unless they are protected. In some cases they can also read your emails that are going out and received, as well as texts you might be sending. Scary, right?

Tips on How to Use a Wi-Fi Hotspot Safely

You now know what you are up against when you connect to a public Wi-Fi spot, but you should also know that you can use them with some safety in mind. Here are some tips:

  • When you log onto a website, only use an encrypted connection. This means use the URL that begins with HTTPS, not HTTP. Keep an eye on that as you move from page to page because some sites will send you to an unsecured page, which makes you vulnerable.
  • There are also many websites out there that will allow you to encrypt your browsing session automatically. Facebook, for instance, has this. To turn it on, go to your “Security” settings on the site, and then enable “Secure Browsing.”
  • If you are going to check your email, login to your web browser and then ensure that your connection to your email client is encrypted. (Check by looking at HTTPS). If you are using Outlook, or another email client, make sure that your settings are set for encryption.
  • Don’t use any service that is not encrypted when you are on a public Wi-Fi connection.
  • Consider using a VPN when you are connecting to a public Wi-Fi connection. There is a small fee for this, but it’s well worth it.
  • Beware of “evil twins” which are rogue networks designed to mimic legitimate networks. Example “ATT WiFi” my be “Free ATT WiFi”. Other than downloading special software that detects evil twins, the best case is to ask someone who’s knowledgeable as to which network is the safest.
  • If you are on a private network, make sure you realize that they are also vulnerable. Anyone who knows how can spy on the network. Again, use WPA or WPA2 security so the connection is encrypted. However, if someone guesses or knows the password, they can still spy on any device that is connected

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

College bound kids: protect your identity

The good old days were when today’s college kids’ parents lugged their typewriters into their dorm room, and they communicated to people via the phone on their room’s wall. Their biggest worry was someone stealing their popcorn maker. Nowadays, college kids need to beware of remote invasions by thieves.

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813Major educational institutions have reported numerous data breaches; they come from criminals but also result from professors being careless with laptops and students on open WiFi.

Why are colleges hotspots for hackers? There’s all sorts of users on insecure networks, not to mention a wealth of data. So it’s no longer just warning your kids not to walk the campus alone at night or to stay away from drugs and alcohol.

Students can have a tendency to reuse the same password—anything to make college life less hectic. All accounts should have a different password. And don’t use a password like GoSpartans. Make it nonsensical and full of different characters.

Social engineering. College kids can be easily tricked into making the wrong clicks. A malicious e-mail can pose, for instance, as something from the university. The student gets suckered into clicking on a link that then downloads the computer with malware. A student may be tricked into clicking on a “video link” to view something hot, only to instead download a virus.

Students should look for signs of a scam like bad grammar and spelling in the “official notice” and other suspicious things. Though it’s of utmost importance to have antivirus and antimalware, these won’t stop a thief from using the student’s credit card number after the student is tricked into giving it on a phony website.

College kids also have a tendency to go nuts on social media, posting continuous updates of their day-to-day actions. If the student’s Facebook page is chockfull of personal information, a crook who has the student’s e-mail address could use this information to figure out the student’s answer to security questions and then gain entry to their accounts. This is why two-factor authentication is so important. The thief can’t possibly bust into an account if they need a special one time PIN code with the password usually delivered via a text on their mobile.

Unprotected Wi-Fi. Not all campuses provide secure Wi-Fi, and the presence of antivirus, antiphishing, antispyware and firewalls don’t guarantee all levels of protection. To play it safe, students should never visit bank account sites, insurance carrier sites and other such sites while using public Wi-Fi. Better yet install Hotspot Shield to lock down and encrypt any unsecured WiFi.

Connection salad. Campuses are full of all sorts of connected devices, from phones and tablets to nutrition trackers and other gadgets. Everyone has a device, creating a hodgepodge of connections that puts students and everyone else on campus at risk for a data breach. These Internet of Things devices need their latest software updates and firmware updates. Keep them safe from physical theft too. Shut them off when not in use.

Password protect devices: We lose stuff and stuff gets stolen. While it is certainly more convenient to not password protect a mobile, laptop or tablet, it is also an identity waiting to be stolen. Everything needs a password and don’t share that password with anyone but parents. Because when you are sleeping some night, a drunk college dormate will come log in and start posing as you on social posting disparaging stuff that will last forever.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

4 Ways to Share Paid Hotspots

There are a number of scenarios you might be in where friends, family and colleagues need to jump on a (read: your) wireless connection, but they’d rather not pay a connection fee. So if you have the goods right in front of you and they can connect for free, they may buy you a cookie. Here’s how to be a good pal and earn their gratitude and occasional baked goods:

  1. MiFi ($50-$170 for the device and $50 monthly): There are a number of devices, data cards or USB plugins available through the major phone carriers that offer fast mobile internet speeds for up to 10 WiFi-enabled devices, including laptops, tablets, e-readers or music players. Many are powered by your laptop, while others stay charged up to 12 hours before recharging.
  2. Mobile phone tethering (free to $60 monthly): Tethering is when you use your phone as a hotspot. While iPhones, BlackBerrys, Windows Phones and Androids all offer tethering, not all phones support it. Still, most carriers offer tethering on most of their smartphones; some phones offer tethering through an application, while others go through the phone’s settings. Search out the term “tethering” and the name of your phone to determine your options.
  3. Pocket router ($30): At about the size of your thumb, the Asus WL-330NUL is the world’s smallest pocket router. Whenever you’re traveling or simply at a cafe, getting online becomes so easy as all your devices can use this USB-stick-sized router. Whether only WiFi or wired LAN is available, the pocket router creates your own private network and allows speedy cross-device communication, making it extra useful in staying connected anywhere.
  4. Virtual hotspot with your laptop (free to $30): There are two programs that work very well: Thinix WiFi Hotspot and Connectify. Connectify Hotspot lets you share your computer’s internet connection with other devices over WiFi. As long as your computer is online, your other nearby devices—and those of your friends and colleagues—will be, too.

Each of these connectivity options should contain a degree of encryption on its own. However, a virtual private network, such as Hotspot Shield VPN, is a free option that can encrypt all your wireless communications.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

6 Ways You Are Vulnerable On Wi-Fi

Whether you are on your home or office network or seeking out a free connection on public Wi-Fi, there are known risks that can be managed simply by using a free VPN.

#1. Outdated operating system-critical security patches. When an operating system is released, it often is secure—or at least as it can be for the moment. But once good-guy and bad-guy hackers take a look at it en masse, they discover vulnerabilities. When on an unprotected network, criminals can use software programs that search out vulnerabilities from outdated, unpatched software on your devices; once found, they use whatever tools are available to take advantage of those vulnerabilities and dig deeper into your devices.

#2. Unsecured wireless. Unencrypted Wi-Fi networks at home or in the office, or on the road at coffee shops, airports and hotels, are vulnerable to sniffers. Sniffers read the wireless data as it travels through the air and converts it so other computers (and those who administer them) can read it in words, numbers and computer code.

#3. Poorly secured wireless. Protected Wi-Fi that employs WEP, or Wired Equivalent Privacy, is vulnerable. WEP, introduced in 1997, is the original version of wireless network security. Over the past decade and a half, however, WEP has been cracked, hacked and decimated.

#4. Sharing network passphrases. You might share a wireless connection with people you trust. Perhaps you have roommates, or you live in a condo or apartment and like your neighbor so much that you give her your passphrase so she can hop on your wireless internet. But by doing this—and no matter how nice your network-sharing friends may be—you are letting other devices scoot by the encryption your router employs.

#5. Hijacked cookies.Session hijacking is when you log onto a website and your login data is stored via a cookie—a small bit of code that lets the website know you are logged in. If HTTPS isn’t used and these cookies aren’t encrypted—which, often, they are not—an attacker can copy that cookie onto his or her device and surf on that device just as though it were yours. You’ve been hijacked!

#6. Man-in-the-middle attack. When you are on an unprotected network and another device intercepts or eavesdrops on your internet communications, then communicates with the designated website acting as though it is you, the other device communicates with the website—and the website has no idea it is communicating with an attacker.

The easiest way to avoid all this drama is by protecting your devices’ wireless communications witha free VPN likeHotspot Shield. Hotspot Shield VPN protects your entire web surfing session, enables private browsing while securing your connection at both your home internet network and publicInternetnetworks.

Robert Siciliano is an Identity Theft expert consultant to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning AmericaDisclosures.