10-May-2005
Phishers are now attempting to attack Wi-Fi networks.

A new form of phishing attack which targets Wi-Fi users was discovered at a recent WLAN event in London.

The attack works when a phisher creates a fraudulent spoof website which appears to be the log-in page to a Wi-Fi network. When the user logs in through the website script up to 45 viruses and Trojans are sent to the computer. Wi-Fi business users, who are more likely to have information worth stealing, and who meet in public places such as hotel meeting areas and airport lounges are being warned to be especially careful.

This is not the first Wi-Fi orientated phishing attack though. January saw the "Evil Twin" phishing attack where phishers lure Wi-Fi users into connecting to bogus "hotspots." Once connected to the hotspot, scripts are run which solicit personal information from the Wi-Fi user.

AirDefense, a Wi-Fi security protection firm urges users to keep up to date with firewall and security patches, only enter passwords into websites which include SSL keys and avoid connecting to hotspots where it is difficult to tell who else may be using the hotspot service.