Cyber Security Articles & News

Hackers can steal your info in three easy steps when you use public Wi-Fi

Are you always on the hunt for open public hotspots to save on data costs? Or perhaps you are on the road and you need an internet connection to quickly check on remote documents on your work laptop.

We have warned you before about how crooks can use public Wi-Fi networks to steal your data or even rig public charging stations to steal your data. It is quite simple and easy really for determined hackers to set up fake public "honey pot" traps.

Yesterday, former top hacker turned cyber security consultant Kevin Mitnick demonstrated to ABC's Four Corners how easy it really is.

53-year-old Mitnick was arrested in 1995 for the security breaches of more than 40 major corporations including Nokia, Motorola and IBM. He served five years in prison and is now one of the top white-hat security consultants in the industry.

In the Four Corners video, Mitnick showed how a hacker can steal data by setting up a fake Wi-Fi public hotspot with a legitimate-sounding name, like "Telstra Air" in an airport, as used in his example.

Once the victims unsuspectedly log into the fake Wi-Fi network, the hacker could then sniff and record all the keystrokes coming from their devices, including usernames and passwords from websites they visit, such as banking information.

Mitnick says once this user information is stolen, hackers could then send out fake software updates to the target computers to install malware. If the malware is successfully installed, the hackers will gain full control of the infected computers.

He also said that these hacking tools are so accessible to everyone on the internet that even high school students download and deploy them.

To summarize, here are the three steps that Mitnick demonstrated:

  1. Hackers set up their own fake public Wi-Fi with a misleading name.
  2. Upon logging in, the victim's keystrokes are recorded and stolen to obtain personal information.
  3. Hackers will send malware disguised as updates to the victim's computer. Once the malware is installed, the hackers gain full control of the computer without the victim's knowledge.

To watch the ABC Four Corners excerpt, click play on the YouTube video below:

https://youtu.be/cMNF1LlluYg

How to protect yourself:

When you do connect to public networks, encrypted data is essential to your online security. However, you can't always trust that the network is encrypting that data for you. Visiting SSL sites, or websites that begin with the letters H-T-T-P-S means that the data exchanged is being encrypted. But you still may want to take additional precautions. Here's how:

  • VPNs: You might not realize that it's easy to create your own private network. VPNs, or Virtual Private Networks, can be created wherever you go if you have the right software. There are several apps that create VPNs, as well as online security software.
  • Online security software: Encryption is also something that's included with from our sponsor, Kaspersky Lab. Total Security software offers security for your computer, smartphone and tablet, so that you're covered no matter which device you're using. This coverage includes anti-phishing technology, Wi-Fi security alerts, webcam protection, secure shopping and banking, malware detection, and more.

How it works:

Kaspersky Total Security scans your computer for threats, blocks malicious programs from installing, steers you away from phishing sites, makes online banking safer and so much more. A single license covers up to five gadgets whether it's Windows, Apple or Android.

Source: KIMKOMANDO

Topics: Telstra Air, penetration testing, phishing simulation, fake software, cyber security expert, IBM, keynote speaker, Mitnick Security Awareness Training, Motorola, Nokia, Passwords, record keystrokes, security breaches, Wi-Fi, banking information, Kevin Mitnick

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

Entering the Metaverse for Your Virtual Cyber Security Events

Virtual events can utilize virtual reality (VR) and the Metaverse so you can host a memorable event that also trains your attendees in all things cybe..

Read more ›

Does Kevin Mitnick Still Hack?

Kevin Mitnick is best known for some of his earlier hacks on Motorola and other enterprise companies that earned him a spot on the FBI’s most wanted l..

Read more ›

The Most Common Social Engineering Techniques We’re Seeing This Year

With today’s available technology, threat actors have become masterminds at exploiting vulnerabilities to steal private data, and sometimes, even gain..

Read more ›
tech-texture-bg