Criminals are hacking into public and commercial wi-fi hotspots to steal people’s private data and credit card details, police are warning

Detectives say victims of the attacks are often not aware of how cyber-hackers gained access to their bank accounts, and warn that the attacks are hugely under-reported. Only 33 people have said they have lost money after being hacked while using a public wi-fi spot in the past five years. The real figure is almost certainly much higher

Police say one of the most common threats to public wi-fi is a “man in the middle attack” when a cyber-criminal takes over a public network and relies on the established connection to the victim’s machine to redirect communications through his network.

Another method is to set up a spoof network — or “evil twin” — using the name of a shop, hotel or cafe for  example, and then infiltrate the un-suspecting victim’s device when they try to log on.

The alert was raised  by Action Fraud, the agency run by City of  London police which collates all reports of fraud in the UK. Steve Proffitt, the deputy head of Action Fraud, said: “There is no doubt that people face risk when they  connect to a public wi-fi network.

“It is important that people consider what they use public wi-fi for and are aware that there are cyber-criminals who will use every opportunity to infiltrate networks in order to gather  personal and financial details.”

There are now an estimated 269,000 free wi-fi points in the UK, compared to 202,944 in 2014, mostly used for  emailing and social networking.

The fraud detectives warn that people using public wi-fi should avoid online banking, downloading apps, installing updates and online shopping, and try to check if a network is genuine.

You may also like...

Keep Up To Date - Subscribe To Our Email Newsletter Today

Get the latest industry news direct to your inbox on all your devices.

We may use your information to send you details about goods and services which we feel may be of interest to you. We will process your data in accordance with our Privacy Policy as displayed on our parent website