Skip to content
  • (855) 752-5212
Free Quote
Main Menu
  • Services
      • Managed IT & Cloud

      We support RIAs with...

      • Managed IT Services
      • Cloud Services
      • Cybersecurity
      • Business Continuity
      • IT Compliance
  • Learning Center
  • About Us
      • Our Story
      • FAQ
      • Team
  • Contact Us
  • Back to Learning Center

Man-in-the-Middle Attack – SCAM OF THE MONTH

  • Security
Travel-Wi-Fi-Scam-of-the-Month-Banner

Mina was traveling abroad and enjoying a life-changing cultural experience. She was always on the go, taking in all the city sights she could see while updating her blog along the way. To make her blog upload efforts easier, Mina set her phone up with the AutoConnect feature so she could automatically connect to any Wi-Fi network that she’d previously connected to. Mina took a break at a Sam’s Cafe and her phone connected to the “SamsCafe” network. She began updating her blog then realized she needed to check her bank balance. She used her phone and logged into her bank’s mobile website to review her balance. A few hours later, Mina received a message from her bank that her account had insufficient funds and it had been wiped out earlier that day.

Did you spot the red flags?

  • Mina turned on Auto-Connect in an effort to save time accessing the internet.
  • Mina connected to her banking portal while on an unsecured Wi-Fi network.
  • Mina failed to verify the legitimacy of the Wi-Fi network she was connecting to.

What you should know about this scam

Avoid Auto-Connecting/Auto-Joining free Wi-Fi networks. When you use this feature, your device remembers a specific SSID (Service Set Identifier) for a network. Scammers can create their own fake Wi-Fi networks and set their own SSIDs to mirror the account they are mimicking. So, your device will be connecting to a verified SSID but it will be one owned and managed by the scammer.
This is an example of a Man-In-The-Middle Attack where an attacker uses their technology to position themselves between their victim and the platform they are connecting to. By remaining in the middle, the attacker can watch, record, and manipulate their target’s activity, without them knowing. Thus, the websites visited and passwords entered can be easily observed or the attacker could direct their victim to a malicious webpage.

Protect yourself

  1. Try using a VPN (Virtual Private Network) to help create a secure connection.
  2. Use legitimate Wi-Fi connections that you can verify.
  3. Set up Two-Factor Authentication on critical accounts.

Even with these additional security layers, the best approach is to avoid accessing sensitive accounts and information when on a public Wi-Fi connection.

Share:

CONTACT INFO
RIA WorkSpace
  • 8770 W Bryn Mawr Ave
    Suite 1300
    Chicago, IL 60631
  • Toll Free: (855) 752-5212
  • Fax: 877-415-0059
NAVIGATION
  • Services
  • Learning Center
  • Get Your IT Risk Score
  • Blog
  • About Us
  • Contact Us
SIGN UP FOR FREE RIA TECH TIPS
  • This field is for validation purposes and should be left unchanged.

©2023 RIA WorkSpace. All Rights Reserved.

Privacy Policy