Risk: Informational
People using wireless high-speed networks (wi-fi) are being warned about fake hotspots, or access points.
The latest threat, nicknamed "evil twins", pose as real hotspots but are actually unauthorised base stations, say Cranfield University experts.
Once logged onto an Evil Twin, sensitive data can be intercepted.
Wi-fi is becoming popular as more devices come with wireless capability. London leads the global wi-fi hotspots league, with more than 1,000.
The number of hotspots is expected to reach 200,000 by 2008, according to analysts.
"Users need to be wary of using their wi-fi enabled laptops or other portable devices in order to conduct financial transactions or anything that is of a sensitive or personal nature," said Professor Brian Collins, head of information systems at Cranfield University.
"Users can also protect themselves by ensuring that their wi-fi device has its security measures activated," he added.
BT Openzone, which operates a vast proportion of public hotspots in the UK, has said publicly that it made every effort to make its wi-fi secure.
"Naturally, people may have security concerns, but wi-fi networks are no more or less vulnerable than any other means of accessing the Internet, like broadband or dial-up."
BT Openzone, as well as others, have sophisticated encryption from the start of the login process to the service at a hotspot. This means that users’ personal information and data, logon usernames and passwords should be protected and secure.
In the vast majority of cases, base stations straight out of the box from the manufacturers are automatically set up with the least secure mode possible, said Dr Nobles.
Cybercriminals who try to glean personal information using the scam, jam connections to a legitimate base station by sending a stronger signal near to the wireless client.
Anyone with the right gear can find a real hotspot and substitute it with an evil twin.
"Cybercriminals don't have to be that clever to carry out such an attack," said Dr Phil Nobles, a wireless net and cybercrime expert at Cranfield.
"Because wireless networks are based on radio signals they can be easily detected by unauthorised users tuning into the same frequency."
Although wi-fi is increasing in popularity as more people want to use high-speed net on the move, there have been fears over how secure it is.
Some companies have been reluctant to use them in large numbers because of fears about security.
A wireless network that is not protected can provide a backdoor into a company's computer system.
Public wi-fi hotspots offered by companies like BT Openzone and The Cloud, are accessible after users sign up and pay for use.
But many home and company wi-fi networks are left unprotected and can be "sniffed out" and hi-jacked by anyone with the correct equipment.
BT advises that customers should change all default settings and make sure that their security settings on all equipment are configured correctly, They also advocate the use of personal firewalls to ensure that only authorised users can have access and that data cannot be intercepted.
To test that your Wireless networks are secure, why not take advantage of NTA’s newest offering, the Wireless Testing service. Contact the sales team on +44 (0)1634 721855 or sales@nta-monitor.com for more information.