Beware of fake Wi-Fi hotspots when making contactless payments
By UK CreditCards.com
Fraudsters are able to target credit card users by setting up fake wireless internet hotspots in public places, a Guardian investigation has found.
Research commissioned by the newspaper confirmed that it is indeed possible to gather passwords and credit card details from smartphone users in this way. During the first test, a mobile Wi-Fi router was set up at London's St Pancras International station and several smartphones attempted to connect to it.
Investigators then set up a fake paid-for Wi-Fi gateway at Waterloo station and found that three people attempted to log on and provide credit card details during the 30-minute test period, even though the usage policy warned that their private information would not be protected.
BT, which operates about 2.5m Wi-Fi hotspots, told the Guardian that the industry had been aware of the flaw "for some years" and that efforts were being made to address it.
Stuart Hyde, head of e-crime prevention at the Association of Chief Police Officers, also confirmed that criminals could use Wi-Fi to ensnare unsuspecting members of the public, many of whose smartphones are set up to automatically connect to Wi-Fi gateways.
"Until there are improvements in security, I would advise people to be very wary indeed when using insecure Wi-Fi in public places," said Mr Hyde to the newspaper.
The warning comes just weeks after life assistance company CPP published research showing that 54% of second-hand mobile phones contained credit card details, usernames and passwords from a previous owner.
Published: 26 April 2011
- Your credit limit: use it or lose it – Thanks to new rules, you may find unused credit cards or credit limits taken away in the next few months ...
- What's safer: your card details or your health details? – According to a study, more Brits trust their doctor than their card issuer. But is that mistrust unfounded? ...
- Section 75 and third parties: when you aren't protected – Section 75 may not apply if the relationship between the debtor, creditor and supplier is broken by a third party ...