Accessing free wi-fi is putting banking details and photographs at risk
AUSTRALIANS are risking their cash, photos, and documents to access the internet for free, as experts warn public hot spots pose a serious risk.
National
Don't miss out on the headlines from National. Followed categories will be added to My News.
BANK accounts are being put at serious risk when using any of the growing public wi-fi hot spots as they can be hacked with little more than a radio receiver from an electronics store or a brief online tutorial, technology experts caution.
The warning comes after people reported more than $15.7 million lost to scams in the nation in the first two months of the year, according to the Australian Competition and Consumer Commission, with almost one in 10 scams delivered via the internet.
Australians have embraced public wi-fi hot spots recently, with Telstra adding “thousands” through its Air network late last year, and the Australian Communications and Media Authority estimating more than 4.2 million people used free public internet hot spots in June last year.
Nigel Phair, director of the University of Canberra’s Centre for Internet Safety, said people were unaware of the risks associated with these free services and exposed far too much of their information without realising it.
“There’s almost no security built into the majority of public wi-fi hot spots,” he said.
“The average user isn’t going to look at the security certificates. Anyone can sniff that data.”
Mr Phair said wi-fi hot spots were often compromised in three ways: a man-in-the-middle attack in which your phone connects to a hacker’s equipment; a rogue, open wi-fi network designed solely to steal data; and sniffing or eavesdropping on data transferred on the network.
WI-FI ALREADY FACING BEING OUT-DATED
University of Adelaide cyber security expert Dr Malcolm Pattinson said the “encryption system is so weak” in many wi-fi hot spots, a small hardware investment and technical know-how is all that is required to gain access to users’ data, including passwords, photos, and files.
“You could walk into a Dick Smith store and quite cheaply get a receiver to break into some of these wi-fi hot spots and watch the information go past,” Dr Pattinson said.
“You can dial into the right frequency and you’d have access to all these data packets.”
Despite the widespread risk, Mr Phair said it was “almost impossible to track” the popularity of wi-fi data theft in Australia, and even to identify whether you had lost information in this way.
Data stolen from phones could include banking and investment passwords, photographs, documents, text messages, and contacts.
RMIT information security associate professor Asha Rao said wi-fi hotspot users should protect themselves by sticking to web searches, maps, email, and avoiding any site or service that required their username or password while connected to a public wireless hotspot.
Ms Rao said wi-fi hotspot hackers relied on the impatience of users who could not wait to access their accounts or information in a more secure environment.
“What attackers are trying to exploit is the weakness within people — they want to get things done and they’re not looking at the risks,” she said.
“There’s a famous saying that every day security is sacrificed on the altar of convenience.”
TOP TIPS FOR USING PUBLIC WI-FI HOTSPOTS
— Never use websites or apps that require a username or password
— Do not use banking or financial services
— Assess whether the hotspot is operated by a reliable source
— Use a VPN (virtual private network) app to encrypt data transfers
— Turn off all sharing services, such as Airdrop