Wireless Phish is not a cousin of flying fish

You can batten down the hatches of your home wireless access point, but if you are used to Wi-Fi for home and travel, that may not prevent you from getting hacked (that is if the stories circulating have any validity).

While wi-fi phishing is nothing new, there has been a spate of new attempts targeting business travelers.

In the recent exploits, phishers supposedly pose as valid wireless hotspots, enticing users to connect and then snatching personal information. This is certainly doable, and business travelers in generally are not exactly the most technologically saavy bunch, but it does raise a few questions..

Are the attackers sitting in that coffee shop posing as a wi-fi access point? Do paid airport locales need to implement additional security measures to prevent their login pages from getting hijacked?

AirDefense didn’t mention exactly how this type of exploit is pulled off when they announced their products would protect against these attacks. If you are posing as a legitimate hotspot, don’t you have to set up some wireless infrastructure nearby, or steal the domain of an existing provider?

I am looking for some additional insight on this issue, if anyone has any. Meanwhile, I will be waiting for an announcement from hotspot providers on their latest security measure implementations and/or some sneaky looking characters eyeing laptop owners at my favorite wi-fi venue.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.