Okay, so you're grabbing a bite and a cup of coffee at Panera and you pull out your laptop and look for Panera's Wi-Fi signal. You see it, log in and start using your computer. But one question: How do you know the signal that you're using is really Panera's.
Or this: You're out of town on business and you log into your hotel's Wi-Fi, but when you get home, you find out your personal information has been compromised. A few days after that, you learn the Wi-Fi signal you were using at the hotel was fake.
According to Adam Levin, chairman of Identity Theft 911, phony Wi-Fi signals are used all the time.
"The most common locations for Wi-Fi scams are hotels, coffee shops and airports," he said in an interview with ConsumerAffairs. And how do scammers do it? Levin says they set up signals that look exactly like the real thing.
"When you are looking for a free network at, for example, a hotel, conference, restaurant or airport and see "free Wi-Fi," or something which looks very much like the free network where you are staying, you may be staring at a hot spot scam."
And once you see a certain logo or symbol associated with the Wi-Fi, like a Panera logo for example, you automatically let your guard down, says Levin.
"You connect to it because it sounds right and/or it shows up as being the strongest signal," he explains. "Basically, according to Computerworld, you may have just encountered a 'man in the middle' scam and are connecting to the Internet through the hacker's computer."
"This means--since your cyber gateway is the connection through his computer--he is monitoring your online activity."
Security expert Apolonio Garcia, of the company Health Guard IT Security, says it's extremely easy for scammers to set up phony Wi-Fi signals, especially in places that are usually considered secure.
"If you're in an airport, you can make it an airport hotspot," said Garcia in a published interview. "If you're in a coffee shop, you can make it the name of the coffee shop."
Steve J. Bernas, president and CEO of the Better Business Bureau in Chicago, said hotels are especially vulnerable, because scammers know that often let their guard down when they're staying in a comfy place away from home.
And many times, folks have more time to browse the Internet and do things like check their social media page when they're staying in hotels.
"Checking personal and work email as well as updating social media posts while on vacation are common," said Bernas.
"Scammers know that because many hotels charge for Wi-Fi, a free connection looks appealing. However, by connecting to an unknown and unsecure Wi-Fi connection, you are letting the owner of the connection see all your Internet activity."
"This could include your personal information, banking information and other Internet browsing activity."
And if you see two of the same Wi-Fi signals in the same location, Levin says to stay away from both.
"The best defense against an attack is not to be there," he said. "Therefore, only connect to a network that you know for sure is the real deal. Keep in mind that a clever hacker can name a network virtually the same name as the authentic network. If they don't, make sure you know the exact name of the network you want to log onto."
"If you only see one network with the precise name given to you by a knowledgeable representative at the location, it is far less dangerous than if you see two networks with the exact same name. If so, do not use either one," Levin advises.
In addition, he says don't even use free Wi-Fi if you can help it, because there are much better ways to go.
"Frankly, it's best not to use free Wi-Fi but use a virtual private network that you can get through various outside companies (security software firms), service providers such as AT&T or Verizon, or through your work. These are effectively encrypted conduits."
Chances are you can also connect through your smartphone. Major carriers offer wireless broadband via your phone. It works quite well but will cost you a few bucks per month.
Here are Levin's other tips to avoid being scammed:
- Turn off ad hoc mode (generally not turned on, but might be)
- Turn off file sharing (many people have this turned on in order to share files, folders, resources with others on their network).
- Turn off visible network. This makes your network invisible to others. If you get to a public hot spot, designate it "public" on your computer. This makes it invisible to others who might try to connect to you for various reasons, most not good for you.
- Encrypt your email (check your email programs, many allow you to encrypt both incoming and outgoing email).
- Carry an encrypted thumb drive and keep private data on it and not your computer.
- Disable your wireless adapter. Oftentimes it's best to avoid all wireless exposure.
- Be alert and keep an eye out for those who might be peering over your shoulder.
- Always keep your firewall on.
And if you ever fall victim to a Wi-Fi scam, Levin says you should do the following:
- Run a full security scan of your computer and determine if there is malware, or a virus.
- Buy programs to remove malware, viruses, etc., from your computer. Better yet, use a professional to inspect and clear your computer of viruses and/or malware.
- If you don't already have it, buy the most sophisticated firewall and/or security software programs available for your computer and make sure they are either automatically updated or you update them frequently.
- Change all of your passwords on all email, social networking, financial service sites and retail sites.
- Consider putting a freeze on your credit files.
- Get a free copy of your credit report from each of the three national credit reporting agencies at www.AnnualCreditReport.com