Hijacked by free Wifi: It can cost you

It’s just like jaywalking: you know it’s wrong, but you do it anyway. If your monthly data plan is almost full, you’ll probably connect to a public hotspot to save some bucks.

I decided to conduct my own tests on various hotspots around Montreal, to see if they can be trusted. So here I am, carrying my ‘dirty’ laptop in my bag and scanning WiFi network signals with my friend’s Android to find the unsecured ones.

Due to time constraints, I only tested 50 hotspots in 2 weeks. Of course, I chose the most suspicious-sounding network names since I wanted to be pwned.  One of the first things I noticed was the confusing names, done deliberately to make people believe the connection is legit (i.e., legit: Starbucks, fake: StarbucksHD). This often leads people to choose the fake one even if HD doesn’t mean anything

What’s another trick to bait users? There are 2 opposing tactics that both work well: 1) invite temptation by using a connection name like ‘DONOTUSE’, or 2) call it ‘FREE-INTERNET4U’.  Both network owners WANT you to connect to it.

So here’s the deal. My dirty laptop is set up with an outdated Windows XP, and Outlook Express is configured to use my custom and undiscoverable mail server.  This exercise involves connecting to an unsecured WiFi source and to check my bogus mail server using  Outlook Express (using  plain text authentication).  After checking my mail and browsing the web a bit, I disconnect and change the email account name in OE (This step is important for tracking purposes).

I waited 10 days, then checked the logs on the bogus mail server for any suspicious activities.

Here are the results:

 *The delay is the time between the Wifi test and the hit on the bogus mail server

The networks marked ? were not related to any network I was connected to when doing the test.  One of the funniest network names I saw was ‘Chicken.’ Though I expected to see some activity from it, I didn’t!

It’s important to remember that your connection can still be ‘sniffed’ and abused even if you’re using a legit hotspot that appears to be secure. No WiFi connection is ever 100% secure, so the safest way to surf is to use your provider’s 3G key.