TEXARKANA, Texas – Some local tech experts say you can forget everything you’ve been told about accessing internet in public places.
It’s not what you do over free Wi-Fi that you have to worry about, but how you connect to it.
With internet connections all around us these days, it’s easier than ever to be connected in such an increasingly tech savvy society. But, not all connections are created equal.
“I really just think it takes a little bit of instinct and a lot of caution,” said Vice President of Information Technology for Texarkana College Michael Dumdei.
The tech team at Texarkana College said it’s easy to be tricked. The hacker creates a dummy Wi-Fi connection using a business’s name and encourages users to download a special program to connect to the internet. They said it’s a danger for both PC and Mac users.
“In order to connect up to a Wi-Fi, you should never have to install an installer. So, the whole point of this hack was to trick you into putting something on your computer that shouldn’t be on your computer,” said Dumdei.
By using legitimate-looking landing pages, hackers earn your trust.
“A real hacker is going to do their research, they’re going to understand their target. And if they understand their target, they are going to create a much better attack,” said Dumdei.
Once the victim gives the hacker access to their laptop’s browsing through the downloaded connection, the hacker can see every site visited and every keystroke submitted. Even passwords.
Experts said what makes this attack so concerning is it’s almost undetectable. They said you will likely notice your internet browsing much slower than normal since your data is running through a middleman. Dumdei said there is a website that may be able to detect if your laptop computer has been compromised by this hack: https://caddyserver.com/docs/mitm-detection.
If you’re a victim of this phony Wi-Fi connection hack, even login information shared via secure websites is visible.
“We’ve been trained all along that as long as you see that HTTPS up there and that little padlock, everything’s good to go. And it is, for the most part,” Dumdei said.
The letters “HTTPS” at the beginning of a web address means the website you’re on uses a secure connection.
“They can see where you’re going, but they can’t see what you’re doing once you’re there,” said Dumdei.
That HTTPS signal acts as a scrambler.
“Unless you have the descrambler on the other end, nobody can understand what’s going on,” said Dumdei.
It provides an extra layer of protection for your information. To really play it safe, experts recommend using multi-factor authentication to log into websites, when available.
“The multi-factor, where you have to have a fingerprint, a phone, something in addition to the user name and password, is a big, big protection,” said Dumdei.
When you log into participating sites, the site asks for you to verify it’s you by sending a text or requiring a fingerprint scan.
Dumdei said it’s too easy to hack someone’s account without it.
Requiring this second step means the hacker would also have to have your cell phone. It will take a little extra effort for you to log in to the desired website, but it adds extra peace of mind for your personal information.
Bottom line, if something seems suspicious, it’s not worth the risk.
“If you’re not sure about it, just don’t do it,” Dumdei said. “Especially if it’s something that’s just kind of optional. You might want it, you might not. If it’s like that, there’s no sense risking your PC, your bank account.”
If you think your device has been compromised, experts recommend bringing it to a professional to investigate. The hard drive may have to be wiped clean.