Posts

Big ISP free Wi-Fi hazardous to your Data Health

Beware of “Free Wi-Fi” or “Totally Free Internet,” as this probably IS too good to be true. These are likely set up by thieves to trick you into getting on a malicious website.

3WAT&T and Xfinity have provided many free hotspots for travelers to get free Wi-Fi: all over the country. Sounds great, right? However, these services make it a piece of cake for thieves to gain access to your online activities and snatch private information.

AT&T sets mobile devices to automatically connect to “attwifi” hotspots. The iPhone can switch this feature off. However, some Androids lack this option.

Cyber thugs can set up fake hotspots called “evil twins”, which they can call “attwifi,” that your smartphone may automatically connect to.

For Xfinity’s wireless hotspot, you log into their web page and input your account ID and password. Once you’ve connected to a particular hotspot, it will remember you if you want to connect again later in that day, at any “xfinitywifi” hotspot and automatically get you back on.

If someone creates a phony WiFi hotspot and calls it “xfinitywifi,” smartphones that have previously connected to the real Xfinity network could connect automatically to the phony hotspot—without the user knowing, without requiring a password.

None of this means that security is absent or weak with AT&T’s and Xfinity’s networks. There’s no intrinsic flaw. It’s just that they’re so common that they’ve become vehicles for crooks.

Smartphones and Wi-Fi generate probe requests. Turn on the device’s WiFi adapter. It will search for any network that you’ve ever been connected to—as long as you never “told” your device to disregard it. The hacker can set the attack access point to respond to every probe request.

Your device will then try to connect to every single WiFi network it was ever connected to, at least for that year. This raises privacy concerns because the SSIDs that are tied with these probe requests can be used to track the user’s movements.

An assault like this can occur at any public WiFi network. These attacks can force the user to lose their connection from their existing Wi-Fi and then get connected to the attacker’s network.

Two ways to protect yourself:

#1 Turn off “Automatically connect to WiFi” in your mobile device, if you have that option.

#2 the best way to protect and encrypt all your data in your laptop, tablet, or mobiule is via Hotspot Shields software to encrypt all your data even if you automatically connect to a free WiFi.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

How Do I Protect Myself When Using Wi-Fi?

Wi-Fi is everywhere. Whether you travel for business or simply need Internet access while out and about, your options are plentiful. You can sign on at airports, hotels, coffee shops, fast food restaurants, and now, even airplanes.

Wi-Fi wasn’t born to be secure; it was born to be convenient. Wireless networks broadcast messages using radio and are therefore more susceptible to eavesdropping than wired networks.

Today, with criminal hackers as sophisticated as ever, if you are using an open unsecured network on your mobile device, you risk exposing your data. There are many ways for hackers to see who’s connected on a wireless connection, and to gain access to your information including passwords, emails, and all the data on your device.

To protect yourself and your data when using Wi-Fi, you should:

Turn it off: the most secure Wi-Fi is one that is turned off. Disabling the Wi-Fi signal on your device prevents anyone from seeing your device and prevents your mobile from randomly connecting to just any available Wi-Fi.

Limit your use of hotspots: When you’re away from your home or work network, use a 3G or 4G data connection instead since most mobile phone providers encrypt the traffic between cell towers and your device.

Use a Wi-Fi connection is protected: Make sure you don’t see the message you are “connecting to an unsecured network.” You may also need a password or code to get access to the Wi-Fi connection.

Use a VPN: a Virtual Private Network (VPN) is one set up with encryption to protect your data from unauthorized access. A VPN may be available through your workplace or at home. A quick search in your mobiles application store will quickly result in numerous free and paid apps to go online in a VPN.

Only use https: Hypertext transfer Protocol (http) with Secure Sockets Layer (SSL, hence the S) is a more secure option set up by a website that knows security is essential. Look for https:// in the address bar signifying it’s a secure page. Even on an open unsecure wireless connection https is more secure.

If you do use public Wi-Fi, make sure not shop online or access your personal and financial sites. And remember to keep in mind that potentially anything you are doing online can be accessed by someone.

Robert Siciliano is an Online Security Evangelist to McAfee. See him on Anderson Cooper discussing mobile security and identity theft(Disclosures)