Wi-Fi phishing scam targets business travelers

Warning to users of airport and hotel access points

Business computer users who frequent airport and other wireless hot spots are being warned of a new, more sophisticated variant of the "Evil Twin" phishing scam that appeared in January.

In a warning today, wireless security and monitoring vendor AirDefense Inc. in Alpharetta, Ga., said the new phishing scam lures victims by setting up fraudulent Web sites that appear to be log-in sites for legitimate Wi-Fi hot spot vendors. When users log in and access the phony sites providing personally identifying information, their computers are hit with as many 45 viruses, according to AirDefense.

The company said wireless users at hot spots in shopping malls and coffee shops aren't believed to be at risk because hackers are targeting more lucrative victims, such as business travelers in hotels and at airports.

"These attacks are being driven by business because so much business, so many transactions, are done over the Internet," said Jay Chaudhry, the chairman and co-founder of AirDefense. "There's a lot of this going on, and business people need to be careful. The average business executive ... has no clue."

"Wireless security is a race with hackers," Chaudhry said in a statement. "Hackers have moved away from the challenge of simply trying to access a device. They are now interested in commercial gain. The most lucrative and easiest place for hackers' commercial gain is business hot spots such as airport lounges, hotels and conferences."

The phishing scam was discovered at several recent wireless technology trade shows, the company said.

The new Wi-Fi phishing variant is a more sophisticated version of the Evil Twin attack that hit the Internet in January. In Evil Twin, also known as the AP (access point) phishing scam, an attacker poses as a legitimate hot spot and tricks victims into connecting to the hacker's laptop or handheld device, according to AirDefense. Once the victim connects, the attacker can attempt to coerce the user into revealing personal and confidential information.

To avoid becoming victims of the latest scam, AirDefense recommends that wireless users take several security steps. When accessing their accounts at hot spots, users should enter passwords only into Web sites that include a Secure Sockets Layer key at the bottom right of the Web browser. Users should also avoid hot spots where it's difficult to tell who is connected, such as at hotels and airport clubs. Hot spots should only be used for Web surfing and not for making online purchases or any other transactions where account numbers or passwords are needed, the company said.

Users should also turn off or remove their wireless cards from their computers when they aren't accessing a hot spot to prevent others from accessing their machines, the company said. Users are also encouraged not to use unsecured applications such as e-mail or instant messaging while at hot spots. All patches for personal firewall and security software should also be continuously updated.

Copyright © 2005 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon