The trap of free Wi-Fi

Today I was at one of the famous and well-known CCD (Café Coffee Day) shops in a prime area of Bengaluru. The sticker on the entrance glass door caught my attention — “Push-in for free Wi-Fi and brewed happiness”.

I got curious to understand how secure is this free internet. Pulled out my laptop, opened Kali Linux, and set it up to monitor the internet traffic.
I was surprised to see that most of the traffic was just in mere plain text. To make it more interesting, I just tried to set up a more sophisticated banner and waited for people to use it.

This is what I got: Credentials of different people using Netflix, PayPal, Facebook. All it took me was 47 minutes!

There were around 11 tables occupied by customers. I went to each of the tables to check who was using these sites and asked if those were their user details and passwords. They were shocked for a minute. Unless you go to people with a PoC (Proof of Concept) or evidence, they won’t believe you.

But as I explained the dangers of using public free Wi-Fi, they realized the impacts of simply hooking up to the things available for free. I assured them that I have not used their credentials to log in to their accounts and asked them to immediately change their passwords.

Many times we fall into this trap of Free Wi-Fi. Trust me, it is super dangerous.

The key dangers of using public free Wi-Fi:
1. Theft of personal and confidential information
2. Attacks on businesses
3. Man-In-The-Middle attacks
4. Unencrypted connections
5. Packet sniffing
6. Malware (virus, worms, trojans) distributions

October is National Cybersecurity Awareness Month (NCSAM). This year’s theme “Do Your Part. #BeCyberSmart” puts an emphasis on personal accountability while stressing the importance of proactively enhancing cybersecurity at home and work.

Spread the awareness!