
01-26-2005, 08:30 PM
Contributing Editor Emeritus
Join Date: Aug 2006
Posts: 8,228
Twist On Phishing Scam - WiFi "Evil Twin" Scams Users With False Hotspots
http://www.eweek.com/article2/0,1759,1752906,00.asp?kc=EWRSS03129TX1K0000605
"The Evil Twin is essentially a wireless version of a phishing scam: users think they're connecting to a genuine hot spot but are actually connecting to a malicious server, which can then extract information such as bank details. The attack can be carried out by anyone with the right equipment in the vicinity of a legitimate base station, according to Dr. Phil Nobles, wireless Internet and cybercrime expert at the U.K.'s Cranfield University."
Ugh. :? It is rapidly approaching the point where I am wondering if it is worth getting online.

01-26-2005, 08:41 PM
Intellectual
Join Date: Mar 2004
Posts: 241
Hi, this is you bank.
We have heard of "Internet" phishing "Scams" and as such we need to verify your account information to be sure you are a "True" customer and not a "Scamerr". Please to send an email to us at "[email protected]" with your web username, password, first and last name, and also your social security number and credit card number and expiration date. This is for security validation purposes only and will not be shared with other parties.
Please reply soon.

01-26-2005, 08:48 PM
Pontificator
Join Date: Dec 2005
Posts: 1,183
Unfortunately there are thousands of people who would assume that would be genuine, when we all know (don't we?) that such a thing would be utterly fake.
As for the hotspot ... this guy is just demonstrating a possibility, right? In other words he is taking the time to show all the nasty elements what they need to start investigating, rather than showing us what they are already getting up to ... ?
Besides. What sane person uses things like Wallet or whatever to store bank details etc on their laptop or PPC? Aren't they ASKING for trouble?

01-26-2005, 08:51 PM
Philosopher
Join Date: Apr 2004
Posts: 545
Old news
This has been happening for a long time now and both Engadget and Slashdot covered this last week. How do you avoid getting duped? At home, never....ever broadcast your BSSID. Then you'll never have to worry. Same goes at work. Also, use bluespot or other gateways at work. Those go a long way to helping keep things from getting out of hand.

01-26-2005, 08:56 PM
Intellectual
Join Date: Aug 2002
Posts: 171
I am getting frustrated going online. I've had two systems completely crash because of some virus, trojan, spyware crap. I'm going to have to go back to "sneaker net". Probably one home PC to use and a separate, non-networked PC to surf...

01-26-2005, 09:01 PM
Sage
Join Date: Jul 2003
Posts: 713
This is a bit more sophisticated than phishing via email. By providing a fake access portal that looks exactly like the expected one you could easily lull users into thinking they were working through the real site. The fake site could then redirect all activities to real sites, while harvesting any interesting info, such as bank numbers, passwords, etc.
This is akin to the old UNIX fake-login scheme from my college days (~20 years ago) where someone would run an app that appeared to be a login screen and then walk away. Unsuspecting users would then try to log in, allowing the app to harvest their username/password. The app could then give the new user an "unrecognized password" error and auto log out the original user, leaving the new user with a valid password. The new user would figure that he typed in his password wrong and try again, never wiser that his account had been compromised.
The more things change...
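The post above describes the fake access portal as the wireless version of the old fake-login trick. A practical check a roaming user or a site admin can run is to compare what is actually being advertised on the air against a baseline of the access points they know. The following is an added example written for this thread, not code from the eWeek article or from any of the posters: the scan records are constructed to resemble scanner output (SSID, BSSID, channel, security mode, signal strength), and TRUSTED is an assumed allowlist you would build once from your own APs or from a hotspot you have confirmed in person.

```python
"""Added example: flag a likely Evil Twin from a Wi-Fi scan.

Illustration code written for this thread, not from the article or the
people quoted. SCAN is a constructed scan result; TRUSTED is an assumed
allowlist of the access points you actually own or have verified.
"""
from collections import defaultdict

# Constructed scan, not captured data. The second "CafeWiFi" entry is the
# impostor: different BSSID, open instead of WPA2, and a stronger signal.
SCAN = [
    {"ssid": "CafeWiFi", "bssid": "00:11:22:33:44:55", "channel": 1, "security": "WPA2", "signal": -60},
    {"ssid": "CafeWiFi", "bssid": "66:77:88:99:AA:BB", "channel": 6, "security": "OPEN", "signal": -40},
    {"ssid": "HomeNet", "bssid": "aa:bb:cc:dd:ee:01", "channel": 11, "security": "WPA2", "signal": -70},
    {"ssid": "linksys", "bssid": "de:ad:be:ef:00:01", "channel": 6, "security": "OPEN", "signal": -80},
]

# Assumed allowlist: SSID -> BSSIDs you know and the security mode they run.
TRUSTED = {
    "CafeWiFi": {"bssids": {"00:11:22:33:44:55"}, "security": "WPA2"},
    "HomeNet": {"bssids": {"aa:bb:cc:dd:ee:01"}, "security": "WPA2"},
}


def find_evil_twins(scan, trusted):
    """Return (ssid, bssid, reason) for every AP that claims a trusted SSID
    but does not match the allowlist entry for it."""
    findings = []
    for ap in scan:
        known = trusted.get(ap["ssid"])
        if known is None:
            continue  # SSID we have no baseline for: nothing to compare against
        allowed = {b.lower() for b in known["bssids"]}
        reasons = []
        if ap["bssid"].lower() not in allowed:
            reasons.append("BSSID not in allowlist")
        if ap["security"] != known["security"]:
            reasons.append("security mode %s, expected %s" % (ap["security"], known["security"]))
        if reasons:
            findings.append((ap["ssid"], ap["bssid"], "; ".join(reasons)))
    return findings


def duplicate_ssids(scan):
    """SSIDs advertised by more than one BSSID. Normal for a multi-AP office,
    suspicious for a single-AP cafe or a home network."""
    seen = defaultdict(set)
    for ap in scan:
        seen[ap["ssid"]].add(ap["bssid"].lower())
    return {ssid: sorted(bssids) for ssid, bssids in seen.items() if len(bssids) > 1}


def strongest_is_untrusted(scan, trusted):
    """For each trusted SSID, True if the strongest beacon comes from a BSSID
    not on the allowlist. An Evil Twin relies on winning the signal contest,
    because clients associate with the strongest AP carrying a known SSID."""
    result = {}
    for ssid, known in trusted.items():
        aps = [ap for ap in scan if ap["ssid"] == ssid]
        if not aps:
            continue
        best = max(aps, key=lambda ap: ap["signal"])
        result[ssid] = best["bssid"].lower() not in {b.lower() for b in known["bssids"]}
    return result


if __name__ == "__main__":
    for finding in find_evil_twins(SCAN, TRUSTED):
        print("SUSPECT", *finding)
    print("duplicates:", duplicate_ssids(SCAN))
    print("strongest untrusted:", strongest_is_untrusted(SCAN, TRUSTED))
```

The allowlist check only catches a lazy twin. An attacker who also clones the BSSID and channel of the real AP passes it, and hiding the SSID does not help either, since a client configured for a hidden network probes for it by name and the twin can answer. For a cloned twin the signal and duplicate-SSID checks are the remaining on-air hints; beyond that, the defence has to sit above the link layer (TLS with certificate checking, or a VPN) so that whoever is running the AP gets nothing useful.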

01-26-2005, 09:04 PM
Sage
Join Date: Jul 2003
Posts: 713
Re: Old news
Quote:
Originally Posted by gorkon280
This has been happening for a long time now and both Engadget and Slashdot covered this last week. How do you avoid getting duped? At home, never....ever broadcast your BSSID. Then you'll never have to worry. Same goes at work. Also, use bluespot or other gateways at work. Those go a long way to helping keep things from getting out of hand.
Also, never assume a public access point is secure.

01-26-2005, 09:07 PM
Intellectual
Join Date: Jul 2007
Posts: 214
I'm not sure how this scam works. You log into a fake wireless network, and then they search the files on your computer?
Doesn't seem like it would be very effective with a PPC, since the server can't access the PPC without Active Sync.
Or you log into a fake wireless network and they actually act as an Internet gateway and log all your entry information as you browse?
It only seems like this would work if you access your bank's site with the PPC, assuming it's actually hooked up to the Internet. Maybe it would be a good practice not to access sensitive information on public hotspots.

01-26-2005, 09:15 PM
Sage
Join Date: Jul 2003
Posts: 713
Quote:
Originally Posted by frankenbike
Or you log into a fake wireless network and they actually act as an Internet gateway and log all your entry information as you browse?
That's it.
Quote:
Originally Posted by frankenbike
It only seems like this would work if you access your bank's site with the PPC, assuming it's actually hooked up to the Internet. Maybe it would be a good practice not to access sensitive information on public hotspots.
Exactly. Or order anything off the internet with a credit card.

01-26-2005, 09:49 PM
Thinker
Join Date: Aug 2006
Posts: 323
How difficult would it be for the tech geek setting up the public hotspot for one of the coffee shops/bookstores/etc to simply eavesdrop on the internet traffic between the WiFi AP and the internet connection?
As most of the above posters have said, you simply shouldn't trust a public internet source for banking, credit card purchases, or sensitive email.
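Two posts in this thread describe the same thing from different angles: frankenbike's "they act as an Internet gateway and log all your entry information as you browse", and the question just above about the person running the coffee-shop hotspot simply eavesdropping between the AP and the upstream link. The added example below, written for this thread and not taken from the article or any poster, shows concretely what such a gateway gets out of forwarded traffic. The "flows" are constructed byte strings standing in for packets; the host names, cookie and credentials are made up. Port 80 requests are parsed the way a harvesting proxy would parse them; port 443 traffic is opaque to the gateway, which is the whole point of the advice in this thread.

```python
"""Added example: what a malicious hotspot gateway can log from your traffic.

Illustration written for this thread, not code from the article or the
posters. FLOWS are constructed byte strings; hosts and secrets are made up.
"""
import base64
from urllib.parse import parse_qs, urlsplit

# Field-name fragments a harvesting proxy would look for in submitted forms.
SENSITIVE = ("pass", "pwd", "pin", "ssn", "card", "cvv", "secret", "token")


def parse_http_request(raw):
    """Split a raw HTTP/1.x request into (method, target, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers, body


def harvest_from_http(raw):
    """Return (host, dict of interesting values) from one plaintext request."""
    method, target, headers, body = parse_http_request(raw)
    found = {}
    auth = headers.get("authorization", "")
    if auth.lower().startswith("basic "):
        # HTTP Basic is only base64, so the gateway reads it directly.
        found["basic_auth"] = base64.b64decode(auth[6:]).decode("latin-1")
    if "cookie" in headers:
        found["cookie"] = headers["cookie"]  # session token, replayable as-is
    fields = dict(parse_qs(urlsplit(target).query, keep_blank_values=True))
    if method == "POST" and "application/x-www-form-urlencoded" in headers.get("content-type", ""):
        fields.update(parse_qs(body.decode("latin-1"), keep_blank_values=True))
    for name, values in fields.items():
        if any(s in name.lower() for s in SENSITIVE):
            found[name] = values[0]
    return headers.get("host", "?"), found


def gateway_view(flows):
    """Summarise each forwarded flow the way an eavesdropping gateway sees it."""
    report = []
    for flow in flows:
        if flow["dst_port"] == 80:
            host, found = harvest_from_http(flow["payload"])
            report.append({"host": host, "plaintext": True, "harvested": found})
        else:
            # TLS: the gateway sees destination and byte counts, not form
            # contents (the handshake does still leak the server name via SNI).
            report.append({"host": flow["dst_host"], "plaintext": False, "harvested": {}})
    return report


# Constructed flows (not captured traffic).
FLOWS = [
    {   # plaintext login form over HTTP: everything is readable
        "dst_host": "bank.example", "dst_port": 80,
        "payload": (b"POST /login HTTP/1.1\r\nHost: bank.example\r\n"
                    b"Content-Type: application/x-www-form-urlencoded\r\n"
                    b"Cookie: session=abc123\r\nContent-Length: 38\r\n\r\n"
                    b"user=alice&password=hunter2&acct=12345"),
    },
    {   # HTTP Basic auth: credentials in a header; base64 is not encryption
        "dst_host": "webmail.example", "dst_port": 80,
        "payload": (b"GET /inbox HTTP/1.1\r\nHost: webmail.example\r\n"
                    b"Authorization: Basic " + base64.b64encode(b"alice:s3cret") + b"\r\n\r\n"),
    },
    {   # the same login over HTTPS: the gateway forwards ciphertext it cannot read
        "dst_host": "bank.example", "dst_port": 443,
        "payload": b"\x16\x03\x01" + bytes(64),  # stand-in for a TLS record
    },
]

if __name__ == "__main__":
    for entry in gateway_view(FLOWS):
        print(entry)
```

The lesson is the one the thread arrives at, with the mechanism made explicit: anyone in the path (the twin, or the shop's own "tech geek" with a tap between the AP and the DSL line) reads plaintext HTTP, cookies and Basic auth as easily as this script does. What keeps them blind is end-to-end TLS with certificate checking. A twin that tries to stand in for bank.example has to present a certificate it cannot obtain, and the browser warning at that point is the one warning a user must not click through. A VPN extends the same protection to everything else the device sends.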