Beware of fake Wi-Fi hotspots when making contactless payments
By UK CreditCards.com
Fraudsters are able to target credit card users by setting up fake wireless internet hotspots in public places, a Guardian investigation has found.
Research commissioned by the newspaper confirmed that it is indeed possible to gather passwords and credit card details from smartphone users in this way. During the first test, a mobile Wi-Fi router was set up at London's St Pancras International station and several smartphones attempted to connect to it.
Investigators then set up a fake paid-for Wi-Fi gateway at Waterloo station and found that three people attempted to log on and provide credit card details during the 30-minute test period, even though the usage policy warned that their private information would not be protected.
BT, which operates about 2.5m Wi-Fi hotspots, told the Guardian that the industry had been aware of the flaw "for some years" and that efforts were being made to address it.
Stuart Hyde, head of e-crime prevention at the Association of Chief Police Officers, also confirmed that criminals could use Wi-Fi to ensnare unsuspecting members of the public, many of whose smartphones are set up to automatically connect to Wi-Fi gateways.
"Until there are improvements in security, I would advise people to be very wary indeed when using insecure Wi-Fi in public places," said Mr Hyde to the newspaper.
The warning comes just weeks after life assistance company CPP published research showing that 54% of second-hand mobile phones contained credit card details, usernames and passwords from a previous owner.
Published: 26 April 2011
- What protections do credit cards offer (besides Section 75)? – Section 75 is a well-known credit card protection, but it's not the only one. Here are some lesser-known defences ...
- Equifax reveals millions affected in data breach – Millions of records were accessed and hundreds of thousands are at high risk after the Equifax data breach ...
- Equifax suffers major breach - are you affected? – A breach at Equifax exposed details of millions of US consumers - and some UK consumers. Here's what you need to know ...