Beware of Data Thieves at World Cup 2014 in São Paolo
In the wake of data roaming charges for cell phones generally being very expensive, a lot of travelers en route for the World Cup 2014 in Brazil will probably just choose to make use of free Wi-Fi access points, and in all probability not give much thought to security issues.
This is a very risky approach, nonetheless, for the reason that all the data that is sent or received on open Wi-Fi networks may perhaps be intercepted. Passwords, followed by PINs besides other sensitive data might also fall into the hands of cybercriminals if public charging stations are used – in Brazil these widely available chargers may be malicious.
A Case of Insecure Wi-Fi Networks
Kaspersky Lab security experts coxswained research into Wi-Fi access in São Paulo. This entailed that they drove 100 km around the city and checked out more than 5,000 different access points popular surrounded by tourists – parks, followed by malls, airports as well as other attractions. For that reason study zeroing in, it turned out that 26% of the 5,000 open Wi-Fi networks in São Paolo don’t make use of any encryption.
By means of this in mind, the company’s experts prepared a list of recommendations for those travelling to São Paolo for the 2014 World Cup, viz:
- At all times access any Wi-Fi network through a VPN connection. If you do not have one, please get one and install it on all your devices – ranging from smartphones, tablets, laptops, etc.
- If a Wi-Fi network blocks your VPN, avoid using that network. If you have no choice, it’s better to make use of the Internet by means of TOR Browser together with your own DNSCrypt settings directly on your device.
- If you own an Access Point, please check if your firmware is the latest version. If not, upgrade it.
- Don’t leave your Access Point with vendor default settings; change them and also set strong new passwords.
- Check the encryption your Access Point now has. If it’s WPA or WEP, change it to WPA2 with AES settings. Disable SSID broadcasting and make sure your network password is strong.
- If there is no really secure network where you are, don’t worry about posting your pictures right away; wait until you find a secure place to work.
Fake AC/DC Charging Points
A malicious AC/DC charger in Brazil will still charge your battery, but at the same time it can silently steal information from your smartphone. The interception will take place via a USB connection, as the majority of plugs use this type of connection. In some circumstances these fake chargers can also install malware capable of tracking your location, stealing notes, contacts, pictures, messages as well as call records, saved passwords and for that matter, browser cookies.
Recommendations
- Never use unknown chargers; instead look for trusted places to recharge devices.
- Use your battery responsibly and try to keep a spare with you, so you can use it if the primary battery dies.
- iOS devices have covers with an extra charging battery, which may also be a good solution.
- Try to optimize battery life by shutting down unnecessary processes and turning on airplane mode when a cell phone network is not available. You can also disable sounds, vibrations and tones and other resource-hungry features, like animated wallpapers etc.
Dmitry Bestuzhev, Kaspersky Lab’s Head of Global Research and Analysis Team in Latin America, stated that, “Malicious AC/DC charging points are a real danger for those travelling to big events and new destinations. Cybercriminals know that when people are away from home and need their smartphones to access maps, routes and all other kinds of information, they tend to use any available charger, even if it’s just for a few minutes. Keep in mind that you could fall victim and lose sensitive personal data. The same applies to Wi-Fi, especially if you look for open access points when you want to post pictures, locations and send messages. Your sensitive data can be easily intercepted by cybercriminals, so take appropriate security measures.”