Hackers set up fake Wi-Fi hotspots to steal your information

Jeff Ehling Image
Friday, July 10, 2015
Hackers use public Wi-Fi networks to steal your information
If you can access a Wi-Fi network, hackers can easily access your personal information

HOUSTON (KTRK) -- Experts say free Wi-Fi connections in public places are usually secure, but more and more criminals are finding ways to lure you onto their rogue connections. When you do, they are collecting everything from passwords to financial information.

"What they're doing is rather than breaking in, they're inviting you in," said IT expert and private investigator Colman Ryan.

Ryan says criminals are leveraging available technology to steal information by using devices like a Rogue Access Point. It sends out a signal in popular areas, mimicking a public Wi-Fi hotspot.

"If you are not indeed connected to the actual access point that you intend on connecting to, it can be extremely detrimental," Ryan said.

Instead of connecting to a public Wi-Fi network, Ryan says hackers are hoping you log onto theirs.

"If you jump on a rogue AP, they control DNS, routing and port forwarding. And by doing that, it's game over," Ryan said.

Criminals will redirect you to a fake website, say for example, banking. The webpage looks like a legitimate bank's site, but in reality it is a mock page setup by the hacker. When your login name and password are entered, they could have access to your financial information.

"If while you're connected to that rogue AP, it checks mail, they're going to get into that," Ryan said.

Hackers will even be able to obtain your passwords for social media sites.

To make sure you're connecting to the correct public Wi-Fi network, Ryan says there are some things to watch out for.

"Most public Wi-Fi now is captive portal. So you don't have to put in a password to join the network," Ryan said.

Many public Wi-Fi networks will ask you to agree with their terms and service before using it. If not, you won't have access. Ryan says if you connect to a network and immediately start browsing, that could be a red flag. Another warning sign is a sluggish connection.

"Often times you will notice a lag because there's a lot going on the back end as far as rerouting," Ryan said.

Ryan advises to go into your device network settings and forget any previous public networks. This way, if you did connect to a rogue access point in the past, you will not automatically connect to them in the future. Also, turn off the Wi-Fi on your phone or tablet when not in use.