The summer vacation season is around the corner and you are out and about a lot. That exposes your phone to WIFI networks. It is very easy for someone to steal your valuable information.
On this blog, I explain how stealing your passwords can be done so easily by explaining how it is done with just a mobile phone and a free app. The purpose of my blog is to educate you and show you how you can also easily prevent getting you and your family trapped into this.
How It Is Done
Let’s say you stopped by at “Café Mocha” to get some coffee and check your social media. Let's say, it offers “Cafe Mocha Guest” as the official access point. The potential intruder sitting in the same cafe does the following;
1. Create the Same access point ID on his mobile Hot Spot with the same “Cafe Mocha Guest” or create another confusing "Cafe Mocha Free" and wait for the unsuspected victim to connect to
2. He has already installed BetterCap on his laptop and connected to his hot spot and running BetterCap. Please note that BetterCap is a legitimate IT Administration and security tool, and it is used to fend off hackers on the network, but the same capabilities can be used by hackers.
4. The victim’s traffic is presented in plain HTTP (no encryption what so ever) and the BetterCap proxy converts the traffic back to HTTPS. Our hacker sees everything you typed
1. Most important. Be suspicious of multiple or duplicate confusing WIFI access point names shown in your WIFI list, like “Hotel Mocha Guest” twice in a row, “Hotel Mocha Free WIFI”, “Hotel Mocha Lobby” or just “Free WIFI”. If your hotel requires a room number and the last name, try typing in fake info. If it does not fail, you just saved yourself.
2. Always watch your address bar and it is showing “Secure” or “Green” icon. If this turns into non-secure plain HTTP, be suspicious. Today, most commercial sites use HTTPS.
3. For important and popular sites, always use 2-Factor authentication. Google, Facebook, Twitter all support this. This will require your phone to confirm a login and a second code (don’t get the code via Email though as that’s captured).
4. Use your own cellular data plans for important access like financial sites or work sites if you can.
A Bit of Our Own Pitch
If you are texting or taking photos/videos and sharing that with your colleagues, our app can help you protect your communications further by:
- Allowing you to use Google two-factor authentications.
- Separating your PHI containing information away from your own photo albums and text message rosters.
Please find out more about WinguMD BodyMapSnap on our home page and try it free.