WiPhishing - phishing to wireless LAN users. Get Real: Stowe Boyd's Soapbox

Home > Weblog Columns > Get Real

Quote

"I can’t think of anything that demonstrates the sovereign nature of the self better than a blog.” - Doc Searls

About the Author

Stowe Boyd is a well-known media subversive, and an internationally recognized authority on real-time, collaborative and social technologies. His new blog is Message.

Check out the The AppGap - a group blog on the tools and trends that are changing the way we work.

« Gumball 3000 Rally: Live Loc Tracking | Main | Jon Stewart/Daily Show on Watching The Watchers »

May 14, 2005

WiPhishing - phishing to wireless LAN users

Posted by Arieanna Foley

Phishing is more ubiquitous than ever, it would seem. I saw a report on Mobile Pipeline of yet another phishing variant - that of attacking wireless LAN users. It would seem that no vulnerability is left open to chance - nor, for that matter, any opportunity left untapped. This is a sophisticated model of phishing, and one that could easily catch many people, knowledgeable or not.

Basically, the new phishing model will start with a log-in page for a public WiFi network. What you'd expect at any hotspot, really. That is why this is so sneaky.

Without realizing it, the user will enter personal information to the logon page, whereupon the hacker will proceed to put 45 or so viruses onto the computer.

The attack is specifically targetted at business people - it will typically take place at a tradeshow, airport or conference.

What can you do? Use a firewall. Use only those websites that have SSL security (watch for the logo and click on it). Try to use a VPN (virtual private network). Don't stay connected to the wireless network if you don't need to be.

Makes me a little wary about taking my laptop to unknown destinations and playing with it over 'free' wireless networks. After all, I've only had it a couple of days now. Loving it. PowerBook G4. My first Mac. Great choice. I've been raving about it on my blog a ton. Sidetracked there. Point is: be careful.

[tags: phishing]

Comments (1) + TrackBacks (0) | Category: Technology

COMMENTS

1. Brad Bowers on May 15, 2005 05:24 PM writes...

It seems some companies are starting to address such vulnurabilities that you mention.

JiWire.com has a new product that lets subscribers tap into a private VPN account, and ensures that the info coming and going from a user's laptop is encrypted. This gives great protection to a user even if they are logged into a "fake" network.

The product was just beta released.

(Full disclosure: my company represents JiWire for business development partnerships).

Permalink to Comment

RELATED ENTRIES: › Reminder -- /Message; › /Message - A New Blog; › The Individual Is The New Group -- Part 1; › 1000 Tags: Tag Advertising; › Social Ethics And Technology Design; › Nancy Hass on In Your Facebook.com; › Black and White and Dead All Over: Is Newsprint Dead?; › Anonymous Trolls, Beware: You Are Breaking Federal Laws

Shows

THE NEW VISIONARIES: REBOOTING THE WEB
[Starting in January!]

BEHIND THE SCENES
sponsored by GoToMeeting
› 24 Dec 2005: Behind The Scenes [next episode - postponed for Transit strike]
› 30 Nov 2005: Behind The Scenes at Behind The Scenes

PODCASTING ON WINDOWS
sponsored by GoToMeeting
› 29 Oct 2005: Video Podcasting
› 20 Oct 2005: Online Services
› 3 Oct 2005: Audio Editing
› 22 Sep 2005: Introduction to Podcasting

GET REAL SHOW
sponsored by GoToMeeting
› 3 Nov 2005: Interview with Eric Rice, Audioblog
› 31 Oct 2005: Interview with Rick Klau, Feedburner
› 29 Oct 2005: Interview with Lee Wilkins of Podcast.com