A recent Guardian investigation has uncovered that millions of BT customers and smartphone users who use public Wi-Fi hotspot connections are vulnerable to identity thief and fraud.
Security experts, in tests that were conducted by volunteers, in order to not break any telecommunications or computer laws, were able get messages, usernames, and passwords from those phones that were accessing public Wi-Fi.
If the phone is just turned on the bestselling Apple iPhone 4 and or smartphones can have their user’s information harvested without their knowledge and even when not on the internet.
The UK’s largest provider of hotspots, BT with over five million Openzone connections throughout the UK located in hotels, airports, trains stations did admit for years they have been aware of this weakness in the system and they are currently working on getting a permanent fix but have not timetable as to when the fix might be implemented.
The Guardian investigators using software readily available via download on the internet and a £49 piece of communications equipment were able to undercover that crooks construct bogus Wi-Fi gateways that would cause the most recent mobile phones to connect automatically.
Then once you have a connection the information going through the gateway can be decrypted or read directly. In another example users were prompted to pay in a fake Wi-Fi hotspot with a credit card and they were required to click a box to supposedly accept terms when what was in the text was that you agreed they could do anything they wanted with your credit card.