TNtv Alert: WiFi Phishing
Social Engineering attacks are the fastest way to gain access to wireless networks by bypassing security. WiFi Phishing is the latest in social engineering attacks and is the most powerful. Learn more on how to make sure you're protected in this TNTV Alerts video featuring sales director, Chris Montgomery.
Video Transcript
In today’s day in age, there are many new technological advancements that have created easy access to wireless networks by bypassing security. These network attacks are through social engineering and are the fastest way to gain secured information from a company. The latest and most powerful form of social engineering is called WiFi Phishing. Through WiFi Phishing, hackers put their attention towards cracking passwords and gaining full access to all the information in a company’s network. Many companies are unaware of the dangers that WiFi Phishing can create for this business and the different ways to stop it. In this video, we will alert you on what WiFi Phishing is exactly and how to protect yourself and your company from its damage.
Why is Social Engineering so Powerful?
Social engineering is one of the newest and most enhanced techniques when it comes to stealing information from a company’s network. Through social engineering, hackers have the ability to bypass all forms of security altogether. With the use of tricks, verbal or physical, hackers use these malicious skills to gain access and wiggle their way into your private data.
There are many instances that provide hackers with the capability of getting into your network:
- If you have simple passwords or all your passwords are the exact same
- Different forms of email phishing attacks
- Dropping random USB sticks near your office
- do NOT plug into any computer, give the USB to a trusted IT department professional who will know how to handle it
Oftentimes, hackers will trick employees to enter their passwords into a fake login page or use any of the tactics listed above. Continue reading to learn about a specific form of social engineering, WiFi Phishing, and how to protect yourself against its harm.
What is WiFi Phishing?
As previously mentioned, WiFi Phishing is one of the newest, most powerful forms of a social engineering attack. To walk you through the process of how WiFi Phishing works, we have outlined the steps a hacker will go through to gain your information:
- Hacker removes all users from the WIFI.
- Created a new WIFI with the same name.
- Appears to be a router failure.
First, the hacker will select a nearby wireless network and de-authenticate it from all users, this will essentially jam them from entering into it. The hacker will then create a network that appears the be the exact same as the one the employee was using, a clone network. This clone network is unsecure and will require no password to join. The employee might think that there is just an issue with the router since the WiFi will cut out and be inaccessible. The employee might then try multiple attempts to re-connect to their network, but it will keep failing. This is the point where the employee gets discouraged or frustrated with the network until they see the same network (created by the hacker) that requires no password.
Once the employee eventually decides to join the cloned WiFi network, an official router page will open and informs the employee that an update needs to be installed. Of course, the update will require the employee’s login password. This is the trick that hackers will use to gain employees valuable passwords and gain access to your company’s network. The hacker has time to validate the employee’s password while this “update” is being installed on their computer. Many skilled professionals fall for this trick that hackers are now using to steal data from companies. This is one reason why WiFi Phishing is so powerful because not many people know how to look out for it and may not notice it is happening at the moment.
How to Protect Yourself
Now that you know the dangerous abilities that WiFi Phishing can have on a company, it is time to learn the ways to prevent it from happening. As soon as your WiFi connection goes down and you discover the “same” network that requires no password, immediately contact your IT Administrator before doing any further action. The IT Administrator should be familiar with this tactic and let you know how to proceed. This way the IT Administrator can let the company know of the situation so no other employee falls prey to the phishing.
Another crucial prevention method is to always be suspicious of any odd activity happening online and report it to an administrator. The internet has a ton of information and not all of it is secured. Be wary of what you are clicking on at all times and make sure you are not giving out your password to anyone if you are not 100% sure you know it is safe. Before connecting to an unsecured WiFi network after the connection suddenly drops, pause to evaluate if it seems suspicious because it will most likely be a hacker’s attempt to gain your password information.
6 out of 10 people use the same password across all or multiple sites.
Don’t be one of those people. Make your passwords different and more intrinsic so they are more difficult to distinguish. Again, the prevention methods you need to take to further secure your network and private information include:
- Always be suspicious of any odd activity online
- Check with an IT Administrator before connecting to another network
- If the WiFi connection suddenly drops, pause before taking further action
- Create new, more complicated passwords for all your devices and make sure they are all different from each other
Get in front of the hackers and stop the WiFi Phishing and Social Engineering attacks before they happen. Follow the tactics we discussed to put your company in the best position to fight any phishing attacks or any other security breaches.
