ThreatMetrix Cites Risks of Public Wi-Fi and Warns Consumers Not to Get Burned by Cybercriminals
Posted April 29, 2013
Cybercrime Prevention Leader Offers Tips to Prevent Fraud and Malware When Accessing Sensitive Information via Public Wi-Fi at Coffee Shops and Other Public Locations
San Jose, CA – April 29, 2013 – ThreatMetrix™, the fastest-growing provider of integrated cybercrime prevention solutions, today announces several fraud scenarios associated with accessing sensitive information such as online banking or personal files via public Wi-Fi at coffee shops and other public places. The widespread use of mobile communication, including cell phones, laptops and tablets, makes consumers particularly vulnerable to fraud and malware risks over public internet connections.
Mobile technology boosts a connected café culture – consumers feel safe and comfortable checking Facebook, sending and receiving emails, downloading pictures, shopping online, conducting mobile banking and even accessing sensitive documents over public Internet connections. Often, consumers are unaware of the severe cybercrime risks posed by these seemingly harmless tasks.
“Consumers can easily access public Wi-Fi networks from just about anywhere – and so can cybercriminals,” said Dean Weinert, product manager, ThreatMetrix. “Cyber threats are certainly a reality at local coffee shops and other wireless hotspots. If consumers don’t take extra precaution to protect their personal devices, they can unwittingly share sensitive information with cybercriminals interfering on the network.”
To help consumers avoid online fraud and malware risks, ThreatMetrix has identified several scenarios of how cybercriminals can access sensitive transactions on public networks.
• Network Scanners – A network scanner detects open ports on a device that’s connected to a network. A cybercriminal can integrate a network scanner with hacking tools to automatically exploit system vulnerabilities, giving the fraudster complete control of a café customer’s device.
• Man-in-the-Middle – Hackers use off-the-shelf or other devices configured as “hotspot honeypots” to intercept a user’s Internet connection, granting the hacker full access to the user’s network connection. This allows them to launch man-in-the-middle attacks such as website redirection, session hijacking and other network-based attacks.
• Social Hacking – Cybercriminals can leave a malicious USB drive on a café table for an unsuspecting, curious customer to insert it into his or her device. The attacker can then capture sensitive information, such as social network logins.
• Hi-Res Video Cameras on Mobile Phones – Cybercriminals can subtly use a hi-resolution video camera on a mobile device to capture a nearby user’s activity. For example, a consumer may enter his or her credit card information or Gmail login into a device while waiting in line, without knowing the cybercriminal is capturing a video of the credentials.
The most effective way for consumers to keep their banking and other personal information protected is to alter the type of behavior and business they conduct in coffee shops and similar environments. Consumers must also make sure to frequently update their operating system and anti-virus software when prompted to do so.
“The bottom line is – consumers are better off conducting mobile banking and other transactions at home on a secure, password-protected network,” said Weinert. “Even so, approximately one in five consumers don’t update fraud and malware protection software beyond the initial three-month trial period after purchasing a new device. Consumers must continuously update such software or risk losing their caffeine buzz once they realize their account has been compromised by a cybercriminal.”
ThreatMetrix is the fastest-growing provider of integrated web fraud and cybersecurity solutions. The ThreatMetrix Platform helps companies prevent unauthorized access to web and mobile applications, protect sensitive data, and secure transactions against account takeover, payment fraud, identity spoofing, malware, and data breaches. ThreatMetrix protects more than 1,500 customers and 8,500 websites across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.
To join in the cybersecurity conversation, follow us on Twitter @ThreatMetrix.
© 2013 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.