Not according to Avast, who managed to fool more than 2,000 attendees into exposing their browsing habits at Barcelona’s El-Prat Airport.
The PC and mobile-security company had devised an experiment to demonstrate the risks posed by public Wi-Fi hotspots, and more specifically by mobile users’ tendency to “throw caution to the wind” when searching for Wi-Fi access on the move. The experiment involved setting up Wi-Fi networks at the MWC registration booth at Barcelona airport with SSIDs that sounded commonplace, or otherwise as though they had been set up for MWC attendees.
Many of us will have been in a situation where, in our quest for connectivity, we’ve connected to an authentic or otherwise familiar-sounding public hotspot without giving it much thought. Yet as Avast points out, this practice is fraught with risks. Cyber criminals often set up password-free Wi-Fi networks using generic-sounding SSIDs in order to trick users into logging on. After doing so, hackers can spy on users’ web habits and any personal information they share while online.
In four hours, Avast was able to view more than eight million data packets from more than 2,000 MWC attendees who had been tricked into connecting to the company’s bogus networks. Not only was the company able to learn the device and user identity of 63.5% of those visitors, but it also picked up on some much more amorous habits – namely that 1% were observed using dating apps.
Gagan Singh, president of mobile at Avast, said: “Many individuals recognise that surfing over open Wi-Fi isn’t secure. However, some of these same people aren’t aware that their device might automatically connect to a Wi-Fi network unless they adjust their settings. With most Mobile World Congress visitors travelling from abroad, it’s not surprising to see that many opt to connect to free Wi-Fi in order to save money, instead of using data-roaming services.
“When taking this route, people should utilise a VPN service that anonymises their data while connecting to public hotspots to ensure that their connection is secure.”
Avast points out that in order to protect users’ privacy, it only scanned the data rather than storing it during the experiment. The company prides itself as being the creator of “the world’s most trusted” mobile and PC security software. Let’s just hope this little exercise won’t cost it the trust of its users.
By Owen Hughes