How criminals steal data over the air

How criminals use fake Wi-Fi hotspots to steal data, and how you can use our solutions to protect yourself.

Danger often comes from an unexpected direction. For example, while you are alert to pickpockets, criminals may be approaching invisibly, over Wi-Fi.

Here’s a typical scenario: Let’s say you meet up with friends at a café and have a bite to eat while deciding what to do next. Maybe you decide to continue on to a movie. Or a play. Or a concert. That’s when you connect to an available Wi-Fi hotspot and buy tickets online. Soon after, you find your credit card has been maxed out.

Sounds terrible, doesn’t it? Wouldn’t it feel fair and just to find the culprits and take them to police? OK, let’s try: Do you remember that while you were enjoying your meal with friends, two young people at the table next to you had just finished yet another cup of coffee? They looked ordinary, having a quiet conversation and occasionally peering at their laptop. But what you didn’t see was the special equipment in their bag, something like this:

These people came to the café not for coffee and croissants but to steal data from visitors. They created an open Wi-Fi hotspot to attract victims and got access to all traffic sent and received by the devices of anyone who connected to their hotspot. Someone logged in to an online bank and the criminals got their credentials. The couple at the next table over logged in to Instagram to post a selfie and criminals owned access to their social network. Your friend checked her corporate e-mail and — well, you see where we’re going with this.

To accomplish this kind of thievery doesn’t require high-level programming skills. YouTube has more than 300,000 videos that explain how to hack Wi-Fi. Moreover, the necessary equipment is cheap — less than $100. Having received your banking and personal data, cybercriminals can continue the attack and gain substantial profit.

How it works

There are several ways to gather data with the help of fake Wi-Fi.

1. Sniff network traffic
A method as old as time — eavesdropping — works with Wi-Fi as well. Common plugins and apps can turn your smartphone or laptop into a sniffer — an eavesdropper — and in addition, you can purchase specialized and powerful equipment online. Thus equipped, you’ll be able to intercept data transferred over the air and fish out useful files such as cookies and passwords.

Of course, you’ll need an unencrypted or poorly protected network (for example, the secured with weak WEP protocol) to listen in on other people’s business. The WPA and, especially, WPA2 protocols are considered more reliable. Here’s a look at what eavesdropping looks like on hacker’s end.

2. Create a rogue (fake) hotspot
This is what criminals did in our example. The thing is, people place a certain amount of trust in the places we visit: For example, we trust that the food in a café will not make us sick, the staff will be polite, and the Wi-Fi will be secure.

Cybercriminals take advantage of that trust. For example, you will often see several Wi-Fi networks in hotels. They are usually created in popular places whose many visitors create too high a load for one network to serve reliably. But there’s nothing to stop criminals from making a Hotel Wi-Fi 3 network in addition to the Hotel Wi-Fi 1 and Hotel Wi-Fi 2 already set up.

3. Execute the “evil twin” attack
In fact, this is a variation on the previous method. Computers and mobile devices usually remember the networks they’ve connected to before so that they can do it again automatically. Sometimes criminals make copies of the names of popular networks (for example, free Wi-Fi connections in coffee shops and fast food chains) to fool your devices

What can you do?

We recommend reading this post that explains in detail how to use public Wi-Fi securely, but just in case, here are four must-follow rules.

a) Do not trust unprotected networks that don’t ask you to enter a password.

b) Turn off Wi-Fi when you don’t need to use it.

c) Trim your list of remembered networks from time to time.

d) Do not use online banks and do not log in to important sites in cafés, hotels, malls, and other unreliable places.

The good news is, all users of Kaspersky Internet Security — Multi-Device and Kaspersky Total Security — Multi-Device can protect themselves with the help of our new Secure Connection component. If you turn it on, Secure Connection will encrypt your data every time you connect to public Wi-Fi and other unreliable networks.

You can set up this component flexibly, programming it to turn on automatically when you:

– connect to unreliable Wi-Fi;
– access banking and payment systems;
– purchase something online;
– use your e-mail, social networks, messaging, and other Internet communication resources.

In all of these cases our solutions will protect you and your data!