Consumers and business executives who use internet hotspots or open access points in South Africa make themselves and their companies vulnerable to cyber attacks, according to South African cyber security company Magix Security.
Executives and consumers assume the convenient hotspots are safe enough to access, but do not realise how exceptionally easy it is for criminals to set rogue hotspots up, also referred to as “man in the middle” attacks.
These rogue hotspots present themselves as safe and trusted internet connections, but in reality they allow unscrupulous people access to the unsuspecting internet user’s sensitive and personal information such as business databases, log in details for email, applications, and online banking.
“When business people travel, there are many hotspots and other access points in coffee shops, hotels, conference venues and so forth that they use to easily stay in touch with the office and their families,” said Hedley Hurwitz, managing director (MD) of Magix Security.
The rogue hotspots deceive users into believing they are accessing the hotspot through a legitimate router to the coffee shop or hotel in question. The fraudster places equipment in the middle of the transaction to acquire the personal data.
Mobile devices usually save hotspots from prior connections so when the the device is out of range from a connection, it will poll the area in order to determine if one of the pre-saved hotspots are available.
During the mobile device’s polling for saved hotspots, a rogue access point is able to learn which network the device in question is searching for and then pretends to be appropriate hotspot.
The device then connects to the imposter hotspot, which exposes the user to identity theft in addition to malware and other issues.
According to Magix Security, a solution to the mobile risks involves switching off the automatic polling function on the mobile device, which will prevent it from recording hotspots.
Another solution is to never use public hotspots to conduct activities of a sensitive nature, such as online banking.
According to Magix Security, public hotspots are easy prey for criminals as well as teenagers having fun with software they discovered online.
“Naturally, this is not all you need to secure your mobile activity, but it’s a start and will decrease your risk. Once you’ve done the simple things, you can look at technology for an additional security boost,” said Hurwitz.