ALBUQUERQUE, N.M. — Everyone by now should know about the dangers of using free public Wi-Fi to make credit card purchases or do online banking. In a nutshell: Don’t do it.
However, the federal government late last week came out with a new warning that should give pause to anyone who has a smartphone, laptop or other such device connected to a Wi-Fi network – even those at home.
Researchers recently discovered a bug that allows hackers to break the encryption that protects most wireless networks. Specifically, the vulnerability is with the WPA2 encryption standard, which “nearly all Wi-Fi devices on the market today use to scramble communications, preventing eavesdropping and tampering,” the Federal Trade Commission said in an alert late last week.
That means any data sent over the network could be exposed to hackers.
The vulnerability also appears to allow someone to inject ransomware or malware onto websites, depending on the network, according to the researchers.
“Basically, if you use a device to connect to a wireless network at home, work, or elsewhere, this bug means you cannot rely on that connection being secure,” the FTC says.
But there is good news.
It appears that hackers must be nearby to directly connect to your Wi-Fi and exploit the newly discovered weakness, according to Forbes. The other good news is that device manufacturers and software companies are rolling out patches to fix the problem.
Apple, for example, says it has a fix coming for its Mac and iOS operating systems that should be available soon.
In the meantime, the FTC advises considering connections other than Wi-Fi, like your smartphone’s 4G/3G carrier connection or a connection with an Ethernet cable, because those are not affected.
Also, consider a virtual private network (VPN) app or service because it provides another layer of protection for personal data. Such networks encrypt traffic between a computer and the internet, even on unsecured networks. Some of these services are free, while others charge a subscription fee.
And here’s another, unrelated tip when it comes to public Wi-Fi, such as those offered at airports or restaurants.
AARP’s Fraud Watch Network is advising people to ask an employee at the location for the name of the network. Seems that scammers have been setting up their own “evil twin” access points in hopes your computer or device will automatically connect to it without your consent.
“Don’t just assume that `free airport Wi-Fi’ is a legitimate wireless network; it could have been set up by a hacker to trick you into connecting,” AARP says.
It suggests checking settings to make sure the device doesn’t automatically connect to any free public Wi-Fi that’s within range.
n n n
Mary, who lives in Albuquerque, is 77. She got a bachelor’s degree from the University of New Mexico more than a half-century ago. Needless to say, Mary does not have college debt.
But that didn’t stop scammers from trying to sell her a deal that would help her arrange payment for her supposed student loan – or to seek forgiveness of the debt altogether.
Several people in the Albuquerque area have reported such calls in the past few months.
These types of scammers often claim to be affiliated with the government or the consumer’s loan servicer, telling the person who answers the phone that they were “pre-approved,” “pre-qualified” or “qualified instantly,” according to the Federal Trade Commission.
The agency earlier this month announced “Operation Game of Loans,” a joint FTC and state law enforcement sweep against student loan debt relief scammers operating from Florida and California.
It is warning people to never pay an up-front fee.
“It’s illegal for companies to charge you in advance before helping you,” the FTC said. “If you pay upfront to reduce or get rid of your student loan debt, you might not get any help – or your money back.”
Ellen Marks is assistant business editor at the Albuquerque Journal. Contact her at firstname.lastname@example.org or 505-823-3842 if you are aware of what sounds like a scam. To report a scam to law enforcement, contact the New Mexico Consumer Protection Division toll-free at 1-844-255-9210â€‹.