Shady public wi-fi networks are up there with Nigerian scammers for the most cliched way to get hacked. But just as surely as people will continue using “password12,” if you set up free wi-fi then people will come.
To prove the point, researchers from Avast set up a bunch of likely-looking wi-fi networks at the Barcelona airport, in order to trap people passing through for Mobile World Congress. Using names like “Starbucks,” “Airport_Free_Wifi_AENA” and “MWC Free WiFi,” the researchers captured two thousand users in four hours.
From their unsuspecting victims, the researchers were able to pull a bunch of data, like what websites they were browsing and what apps were installed on phones. If they were more nefarious, they would have been able to pull any sensitive (and non-encrypted) information being transmitted.
The results aren’t really a surprise: Even I’ve randomly connected to wi-fi in airports when I’m in need, and I never use a VPN on my phone. But still, it’s a timely reminder not to connect to unknown networks, and if you do, don’t log into your online banking.