MILWAUKEE — “Digital pick pockets” are ready and waiting for you to give them the information they need. The FBI Cyber Crimes Unit says last year, they stole more than $485 million! Your laptop, your phone and your iPad can all be easy targets for these “digital pick pockets.”
You’ve probably logged on to a “Free Wi-Fi” network at a coffee shop or the airport. Free Wi-Fi is everywhere these days, and where there’s a connection, there can be danger.
Mark Chapman is an internet security expert who works with companies testing security – so he gets paid to hack! “I’m definitely a good guy, but you have to be able to think like an attacker and think like a hacker, and know what they would do,” Chapman said.
FOX6’s Contact 6 asked Chapman for a demonstration on how easy it can be for someone to watch you, control you and steal your information without you even knowing it!
In Milwaukee’s Historic Third Ward, Contact 6 set up a wireless hot spot. The name was simple and clear: “Free Wi-Fi Unsecured.” It was free, but it was an unsecured network. Within two minutes, others were online! Contact 6 was able to see the types of devices that were connected – one was an iPad and another was a Windows machine.
Chapman showed Contact 6 how it was possible to identify the websites those devices accessed. “Restaurant.com, ScanAlert.com…someone went over to Twitter,” Chapman said.
Chapman even showed Contact 6 how it would be possible to do damage! “Somebody’s connecting up to their account at an online bank, so they’re doing banking online. A real evil-doer could redirect your browser and your machine to a site that would have malicious code, and then that malicious code can infect your machine,” Chapman said.
Contact 6’s Katrina Cravy sacrificed her own security to show how this redirect works. Chapman used his free, unsecured network, using his smartphone as a portable Wi-Fi hot spot. Cravy logged on to Wisconsin’s state website – Wisconsin.gov. From Chapman’s computer, he redirects Cravy in seconds to the state of Illinois website.
Chapman didn’t even have to use any real special or expensive equipment – he just knows what to do, like any hacker would. “People can be too trusting of logging onto certain wireless access points and going to certain sites,” Chapman said.
Especially when it comes to something seemingly simple – like email. Chapman has Katrina Cravy log onto FOX6’s web-based email browser…and seconds later, Chapman knows her password!
Chapman made a fake email site, made to look like FOX6’s email browser. Cravy logged in, not spotting the subtle differences he created!
Chapman says hacking really is that easy!
“If this story can help users be more aware of what security threats are out there, and what they can do about it, then that’s something that is very worthwhile,” Chapman said.
Hackers do face consequences for their actions, but don’t wait to become a victim! Be sure to log onto only secured websites – ones with “s” next to the “http” in the web address bar.
Also – never ignore certificate errors. They tell you whether the site you’re about to go to is safe and secure.