yesterday, CCTV consumer advocate reported that people’s daily use of wireless networks there is a huge security risk. In the program, CCTV security engineers in the United Duba actual test multiple scenarios show some free WIFI hotspots in public places such as train stations, cafes there may be phishing scams, and the router at home may also be easily compromised by malicious attackers. Internet users in the knowledge of the case, it may face the sensitive personal information was stolen, the Internet as naked, access to phishing sites, will result in direct economic losses.
free WIFI fishing bait bait can account information leakage
not long ago, the media reported a woman placards to protest in front of the McDonald’s, the use of public WIFI Internet cheated 2000 yuan, even though WIFI is easy, Diuqian easier, and even with careful." Expert analysis, the reason why the woman was stolen online shopping is likely related to WIFI fishing.
program, the reporter and two Duba security engineer such a phishing experiment. They simulate hacker named BEIJINGFREE and WANGFUJINGFREE two were set free WIFI hotspots in the Beijing Railway Station and Wangfujing business district, does not have a password, as bait to lure Internet users to connect nearby.
because the WIFI signal is strong and without a password, it will soon have dozens of Internet users through the mobile phone, tablet computer, computer and other devices to access the two fishing hot spots, and Internet users in the network on the mobile phone models, every act and every move, even open the application name and Internet information, browse web pages, such as the owner QQ number, WeChat Taobao, micro-blog circle of friends photos, account information, and intercept the founder of WIFI.
study found that, in the fishing WIFI environment, if users log on micro-blog, hackers will use the session mechanism online presence easily hijack the users micro-blog account, not only to the identity of the owner to browse the Internet users private letter content and encrypted album, you can also be made of micro-blog and micro-blog to delete and other operations. And if the user access to the Internet after the WIFI online shopping, then the hacker can enter their online shopping account, view the Internet users to buy records and personal contact, home address, etc..
Duba Security Engineer Zhao Yu said: "the WIFI fishing hot upstream data transmission is in fact set up a valve, all customer data through the valve with the corresponding transmission sites, hacker attacks by certain equipment, we can analyze and grasp the data record. In this way, the relevant information will be acquired by hackers."
it is understood that the hacker attacks on a large number of devices sold online, and the cost is very low, only a few hundred dollars. Their learning costs are not high, read some instructions can be used, a computer can not be a high level of people in a short time to become a hacker. WIFI fishing cost