There is a suspicious new internet trap going around and you may be at risk. Do you want your passwords and information to be taken? A program called WiFiPhisher has been going around and is becoming very popular with hackers. To ensure you know what to do if this happens to you or if you are at risk, read through the following blog post.
What is WiFi Phishing and Am I at Risk?
WiFi phishing is considered a social engineering attack. Social engineering attacks are particularly dangerous because they will usually bypass security altogether, rendering your existing protection efforts useless.
Wifiphisher is a specific program hackers use to gain access to private WiFi networks. It’s not brand new, but it has been becoming more and more common in the last few years as WiFi has become more ubiquitous.
There are a few different ways social engineering attacks can happen. WiFi phishing, tricking a coworker to give you their password, email phishing, and leaving random USB drives around the office. Someone will pick it up and plug it in to their computer and it will then get the password from the computer.
Social engineering is very tricky, most of the work is being done by the victim. They are giving the hackers all the information they want because they do not know they are talking or interacting with a hacker. They just think it is the network operator doing their job to help get the internet back up and running.
How WiFi Phisher Works
The way WiFi Phisher works is, the hacker will connect to a nearby WiFi network. Then they will remove all users from the WiFi network making it seem like the connection went down. While the no one is on the network, the hacker will make a duplicate of the network with the same name, but this network will not need a password to log in. Most people will think it is a problem with the router since you are still able to see the network but are unable to connect to it. No matter how many times you try to login to the protected network, it will not work. So, most people end up getting impatient and joining the non-password protected network.
When you click on the unprotected network, a page will show up that looks official telling you that the router is undergoing a firmware update and until you enter your password, the internet will not be working. After reading that, most people will enter the password because they need to use the internet. After you enter the password, a loading symbol will appear, and it will seem like the internet is rebooting while all of the devices previously connected to the network will be reconnected. While you are on the loading page, it gives the hacker some time to check and see if the password entered works.
Protection Against WiFi Phishing
There are some ways to protect against WiFi phishing. Here are some tips to not get tricked into giving out your passwords. If your internet connection suddenly drops and a new network pops up that is not password protected, do not connect to it. Even when connecting to a new network, ask around and make sure it is the right one before connecting to it. Most companies will have a main IT person, ask them before doing anything that could compromise your passwords.
This is a relatively easy way for a hacker to get your password. Today most people you the same password for many of their online accounts. One of the reasons people use the same passwords for multiple or all the accounts is because basically every website you go to wants you to create an account with that company. But you do not want to forget the password and must go through the forgot password process. So, people just make all their passwords the same or slightly different. This is very important because if you use the same password for your bank login, the hacker will have full access to your accounts.
Phishing attacks are becoming more and more popular as more people use the internet on a regular basis. When on the internet, you should always be on the lookout for suspicious activity. If you have any concerns or questions about something suspicious, go and talk to the IT department of your company. Make sure to use different passwords for different websites, so if your password does get taken, they won’t have access to all your information. Also, do not connect to public WiFi networks. There could be a hacker ready to take your information. You do not know who is connected and what their intentions are.
Staying a step ahead of hackers is your best defense against hacks and ransomware. Education is the key to getting the upper hand. ThrottleNet’s latest TNtv Alerts video has the scoop on one of the newest and most powerful types of phishing attacks: WiFi Phisher.
If you have any questions about how ThrottleNet can help protect your business or personal information. Go to the contact page on our website. We would love to hear from you. We have IT experts waiting to answer any of your questions you have about IT. We hope to hear from you soon!