JOHANNESBURG - In a country where many consumers are disgruntled at less than competitive data costs, free internet access in the form of Wi-Fi, some argue, has become something of a basic human right.
Hackers are now exploiting this need; where one may have previously believed that accessing public/ unsecured Wi-Fi was a clever life hack to save data, experts now caution otherwise.
Speaking at the Economic Crimes Conference in Johannesburg on Wednesday, Investec Risk Manager, Kevin Fraud highlighted a new scam hackers are now using to hack your identity.
This is how hackers work to access your personal information:
The first step is through a technological term called, man-in-the-middle (MITM) - this is where a third party intercepts communications between two participants, ie, you and the secure website you are accessing eg, your email.
Fake Wi-Fi connections are a variation of a MITM attack, coined, the “Evil Twin”. This technique intercepts your data while it's in transit, and bypasses any security systems a public Wi-Fi hotspot might have.
A practical example; you're at OR International airport and the secured Wi-Fi is "OR Wi-Fi," the password given is "ORpass" - a hacker would set up a hotspot disguised as the secured Wi-Fi, and label it "OR Free Wi-Fi," cleverly using the exact same password, "ORpass."
You would unsuspectingly select the second fake WIFI option, "OR Wi-Fi," and by doing this, you have now unwittingly logged into the hackers hotspot.
The hacker is now able to vacuum your personal material by simply logging into your email, this gives the hacker access to your usernames, passwords, and private messages. Once the information is in hand, the hacker can access your internet banking and in some cases credit, using the details pulled from your emails, such as payslips and copies of your ID.
Anyone using public Wi-Fi, whether at a restaurant, mall or airport is particularly vulnerable to a MITM attack.
If the hacker has enough time, he/she can even load spyware onto your device; so that everything that you do, for as long as you have that computer will automatically be sent to the hacker.
"Wi-Fi is a gateway into your computer, you walk down the street and find five coffee shops but only one's got Wi-Fi, which one are you going to go into?
This is what we call social engineering, where I con you to do what I want you to do," Fraud said.
Fraud said high data costs were pushing people to utalise free Wi-Fi, and inadvertently putting themselves at risk.
"People default to free public Wi-Fi, " because no one tells us the dangers of logging onto free Wi-Fi, but they're setting yourself up," he said.
Experts have encouraged three steps to avoid falling victim:
If you're at an airport or public space, find out who the secure WI-FI provider is
Check to make sure your computer or smartphone is not set up to automatically connect to any unknown Wi-Fi networks.
Make sure to connect to websites via HTTPS - this encrypts anything you send and receive from the website
Change the passwords on your devices as often as once a month.
Cyber security expert, Greg Evans demonstrates to a CNN anchor how someone can hack into your computer when you connect to an unsecured website at an airport.
WATCH BELOW:
* Source - CNN