How to Protect Your Mobile Data

Beware of "Free Wi-Fi." Cyber thugs set up sites known as "evil twins" that can steal your signal and leave you vulnerable.

sixthings
Beware of “Free Wi-Fi” or “Totally Free Internet,” as this offer probably is too good to be true. These offers are likely set up by thieves to trick you into getting on a malicious website. AT&T and Xfinity have provided many hotspots for travelers to get free Wi-Fi all over the country. Sounds great, right? However, these services make it a piece of cake for thieves to gain access to your online activities and snatch private information. AT&T sets mobile devices to automatically connect to “attwifi” hotspots. The iPhone can switch this feature off. However, some Androids lack this option. Cyber thugs can set up fake hotspots called “evil twins,” which they can call “attwifi,” that your smartphone may automatically connect to. For Xfinity’s wireless hotspot, you log into a web page and input your account ID and password. Once you’ve connected to a particular hotspot, it will remember you if you want to connect again later in that day, at any “xfinitywifi” hotspot and automatically get you back on. If someone creates a phony Wi-Fi hotspot and calls it “xfinitywifi,” smartphones that have previously connected to the real Xfinity network could connect automatically to the phony hotspot—without the user's knowing, without requiring a password. None of this means that security is absent or weak with AT&T’s and Xfinity’s networks. There’s no intrinsic flaw. It’s just that they’re so common that they’ve become vehicles for crooks. Smartphones and Wi-Fi generate probe requests. When you turn on the device’s Wi-Fi adapter, it will search for any network that you’ve ever been connected to—as long as you never “told” your device to disregard it. The hacker can set the attack access point to respond to every probe request. Your device will then try to connect to every single Wi-Fi network it was ever connected to, at least for that year. This raises privacy concerns because the SSIDs that are tied with these probe requests can be used to track the user’s movements. An assault can occur at any public Wi-Fi network. These attacks can force users to lose their connections from their existing Wi-Fi and then get connected to the attacker’s network. Two ways to protect yourself: #1 Turn off “Automatically connect to WiFi” in your mobile device, if you have that option. #2 Use Hotspot Shields software to encrypt all your data on your laptop, tablet or mobile device.

Robert Siciliano

Profile picture for user RobertSiciliano

Robert Siciliano

Robert Siciliano is CEO of IDTheftSecurity.com. He is fiercely committed to informing, educating and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. Media outlets, executives in the C-Suite of leading corporations, meeting planners and community leaders turn to him to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace.

Read More