NEWwbztv-small wbz-am-small 985-small mytv38web2
LIVE TONIGHT: PMC Opening Ceremonies, 7:30 p.m. On WBZ-TV & CBSBoston.com

Local

Hackers Preying On Internet Browsers Using Free Wi-Fi

By Kate Merrill, WBZ-TV
View Comments
Free Wi-Fi may not be as secure as you think.

Free Wi-Fi may not be as secure as you think.

WBZ-TV's Kate Merrill Kate Merrill
Kate Merrill is an Emmy award winning journalist for WBZ-TV News and...
Read More

Get Breaking News First

Receive News, Politics, and Entertainment Headlines Each Morning.
Sign Up

BOSTON (CBS) – Walk through any of Logan Airport’s terminals and you will find people with their heads down, busily plugging away on their laptop courtesy of free Wi-Fi provided by the Airport.

In fact, Massport announced last week that use of the Logan’s free Wi-Fi rose more than 400% just in the last year.

For business travelers and vacationers alike, it’s a great convenience.  “It’s a huge resource,” one businessman from California told us. “I love having it traveling.”

There’s no question that an easy Wi-Fi connection is convenient, but is it safe?

We asked security expert Chris Eng of Veracode in Burlington to demonstrate just how easy it is to fall victim to potential hackers.

It took him just five minutes to set up a fake Wi-Fi hotspot and almost immediately, people were logging on.   Eng never violated anyone’s privacy, but he could easily have picked up user names and passwords.

WBZ-TV’s Kate Merrill with the report. 

Here’s the problem: Eng’s fake Wi-Fi which he labeled “Logan Wi-Fi free” looked just like the real one, labeled “Logan Wi-Fi”.

Anyone who chose “Logan Wi-Fi Free” was actually going through Eng’s computer to get to the internet.  “I can go hone and log on as you using the password that I captured and empty your bank account,” he said.

What’s even more troubling, you don’t need to be a security expert.   There is a simple, free program that turns just about anyone into a hacker.

“Anyone with a computer and a web browser, they can download it in about two minutes,” Eng Said.  It’s called Firesheep and it allows anyone to track users on legitimate public Wi-Fi hotspots.

“It knows how to recognize accounts for certain popular websites,” Eng said.  Sites like Facebook, Twitter, Gmail, Hotmail and even Amazon.

Once Firesheep sees someone logged into one of those sites, it automatically pops up on your computer and you’re logged in as them.

It would be simple to hijack someone’s e-mail or Facebook page.  Eng said someone with some computer knowledge might even be able to get into a bank website.

These dangers are certainly not limited to airports.  Every time you log in at a coffee shop, a hotel or even your local library, you could be fair game for an attacker.

“People definitely need to be thinking about what they’re doing and being aware that these attacks are possible,” Eng said.

View Comments
blog comments powered by Disqus