That free Wi-Fi can land you in trouble

Johannesburg. Cases of fraud in Tanzania’s banking industry are not new, but some of them are now linked to the use of free Wi-Fi, experts warn.

Cyber-related fraud cases remain a cause for serious concern in banks across the world, and according to the Investec Fraud Risk Manager, Mr Kevin Hogan, fraudsters are now using internet access in form of free Wi-Fi to defraud unsuspecting consumers of data services.

Investec is an international specialist banking and asset management group that provides a range of financial products and services to a client based in the United Kingdom, South Africa and Australia.

With the number of free Wi-Fi zones increasing in Tanzania, experts are of the view that the trend exposes consumers of such services to techno-savvy criminals who have the intention of siphoning millions of shillings out of their (consumers’) bank accounts.

Speaking at a recent Economic Crimes Conference in Johannesburg, Mr Hogan said hackers were now using a technology that is known as man-in-the-middle (MITM) to steal a consumer’s data through a free fake Wi-Fi.

This, he said, is specifically done through what is termed as an evil twin.

An evil twin is a fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communications.

“Let’s say you are at the OR Tambo International Airport and the secured Wi-Fi is “OR Wi-Fi,”. The password given is “ORpass” but a hacker would set up a hotspot disguised as the secured Wi-Fi, and label it “OR Free Wi-Fi,” cleverly using the exact same password, “ORpass,” explained Mr Hogan.

A consumer would inadvertently go for the second option (the “OR Wi-Fi,” and thus get himself/herself into the hackers’ hotspot.

When that is done, the hacker will now be able to get access to the consumer’s personal details including e-mail log-in details, usernames, passwords, and private messages.

“Once the information is in hand, the hacker can access your internet banking and in some cases credit card details, using the details pulled from your emails, such as payslips and copies of your ID,” he said.

The hacker can go to as far as loading a spyware onto a consumer’s device so that everything that he/she (the consumer) does with the computer will automatically be sent to the hacker.

“Wi-Fi is a gateway into your computer…. People default to free public Wi-Fi because no one tells us the dangers of logging onto free Wi-Fi, but they’re setting yourself up,” he said.

Available information show that the most reported fraud in banks in Tanzania involves card skimming and ATM withdrawals.

Identity theft, electronic funds transfers, bad cheques, credit card fraud, loan fraud and investment scandals are the other major avenues that criminals are using to defraud banks.