New Evil Twin offspring phishes for Wi-Fi users

Business travellers who frequently use airport and other wireless hot spots have become the target of a malicious new phishing scam, wireless security and monitoring vendor AirDefense warned. This newest Wi-Fi phishing attack is a more sophisticated version of an "Evil Twin" attack that propagated over the internet in January this year.

By Jane Plunkett, published May 26, 2005

Evil Twin, also known as access point (AP) phishing, is a technique whereby an attacker lures victims into connecting to a laptop or PDA by posing as a legitimate hotspot. When users log in and access the phony sites, providing personally identifying information, their computers are hit with as many as 45 viruses, according to AirDefense.

The phishing scam was discovered at several recent wireless technology trade shows, the company said. AirDefense warned it has identified scammers spoofing "free_extreme," the free wireless access sponsored by Extreme Networks. Once unsuspecting users made a wireless connection, they received a false page with a mouse-activated web overlay. Any click of the user's mouse would trigger a download of viruses, regardless of where on the Web page the user clicked.

Richard Rushing, chief security officer for AirDefense, suspects the custom scripts were launched with a distinct purpose in mind. "Attackers are most interested in stealing user IDs and passwords to gain access to corporate networks," said Rushing.

Business people are therefore in great danger, warns Jay Chaudhry, the chairman and co-founder of AirDefense, as so many transactions are done over the internet and the average business executive has no clue of the potential threats. "Hackers have moved away from the challenge of simply trying to access a device. They are now interested in commercial gain. The most lucrative and easiest place for hackers' commercial gain is business hot spots such as airport lounges, hotels and conferences," Chaudhry said.

AirDefense recommends that wireless users take several security steps to avoid falling prey to the scam. When accessing their accounts at hot spots, users should enter passwords only into Web sites that include a Secure Sockets Layer key at the bottom right of the Web browser. Users should also avoid hot spots where it's difficult to tell who is connected, such as at hotels and airport clubs. Hot spots should only be used for Web surfing and not for making online purchases or any other transactions where account numbers or passwords are needed, the company said. Users should also turn off or remove their wireless cards from their computers when they aren't accessing a hot spot to prevent others from accessing their machines, the company said. Users are also encouraged not to use unsecured applications such as e-mail or instant messaging while at hot spots. All patches for personal firewall and security software should also be continuously updated.
