Use wi-fi in a coffee shop? Here’s how
the man sitting behind you could be
emptying your bank account
Cyber security expert Colin Tankard
reveals how hackers hijack computers.
COFFEE SHOP IS HOTSPOT FOR SPIES
On escaping the hotel I take solace
with a latte at a coffee shop in my
nearby hometown of Bishop’s Stortford,
Gingerly opening my
laptop I am now far more wary of
Tankard and his underhand tricks.
I try to log on to the cafe wi-fi. It
seems easy to spot as the free internet
connection has the cafe’s name ‘NERO’
in capitals.
Yet unbeknown to me this wi-fi has
absolutely nothing to do with the
coffee chain.
It is a fake put there by
Tankard who is broadcasting the signal
from his pineapple hacking device.
The signal on an imposter wi-fi can often
be stronger than the authentic public system.
Many people – including me –
wrongly equate this increased strength
as a sign it is the genuine source.
But the coffee shop’s real wi-fi uses
‘The Cloud’ and requires an email
address and password.
To access this
I must first register – providing my
name, address, phone number, date of
birth and even my mother’s maiden name.
Now Tankard starts to play a popular
hacking game called ‘man-in-the-middle’.
He watches me as I go on an online
shopping expedition using Amazon –
spying as I obliviously tap away on the
website in search of a good summer
read.
Like any self-respecting hacker he has
previously downloaded software on to
his computer that alerts him with a
pop-up window when a victim – it could
be anyone in the coffee shop that
mistakenly latches on to his sham wi-fi
source – taps into one of hundreds of
websites on his hit list.
This includes high street banks,popular shopping
websites and utility firms from which
he hopes to steal details and money.
My laptop shows a bogus Amazon home
page – a carbon copy of the real thing
– that his computer has automatically
sent via his hoax wi-fi.
It enables him to harvest my log-in
details and password. Tankard says he
can use these at his leisure to go on a
shopping spree at my expense arranging
for purchases to be sent to another
address by later tampering with the
delivery settings.
Tankard says that even if I had used a
secure password on my home wi-fi
booster it would still be no match for
a serious hacker wielding a ‘pineapple’
device.
The beauty of this hack is that with my
log-in and password he does not even
need to know my credit card number
– as this is already stored
on my Amazon account.
Bought items can be posted to a vacant
home where they are picked up – leaving
victims none the wiser until they get
round to checking their bank statement.
Having stolen my personal information
the page then freezes in front of my
eyes.
But I do not worry too much as it just
looks like the internet connection has
simply dropped out. I log in again –
this time to the authentic cafe website
– but by now the fraudster has long
gone with his ‘loot’.
To be continued…..
—————————————————————
Please make time to view this
free webinar from my mentor,
John Thornhill:
Product Creation Workshop
https://jvz7.com/c/593801/305413
Please make time to watch this!
Leave A Response