Train Station Experiment Shows Wifi Users Willingly Connect To a Fake Hotspot Despite Warnings Their Data Will Be Exposed


Public Wifi networks have eliminated the down time from train travel by allowing passengers to spend it multi-tasking online.  But a recent experiment in the UK demonstrated that passengers’ lust to connect to any free hotspot led them to make reckless choices that opened the door to identity theft and credit fraud.

Test Shows “Free” is More Important Than “Fake” to Hotspot Users

This summer, working with security experts at Bitdefender, Computeractive conducted a public Wifi test at Euston railway station near Covent Garden in London.  Using a smartphone and a laptop, the researchers set up a public wireless connection and named it “Free Wifi.”  They made it clear that connecting to the network would expose users’ sensitive information.  Despite that, within seconds, people began trying to connect to the free fake Wifi network.  An incredible 85% of the people who connected – 35 out of 40 – agreed to the terms and conditions which authorized the disclosure of their personal information.  The study shows that users are willing to trust any public wireless network that’s labeled “free” despite the strength of the warning that’s displayed.

The researchers who conducted the experiment didn’t record any of the participants’ sensitive information for legal reasons. But in real life,  hotspot users wouldn’t have been so lucky.  Their sensitive information would have been immediately exposed to the hacker who set up the fake public Wifi connection.  And he would have grabbed it.  U.S. security expert John Sileo has pointed to another problem with bogus paid Wifi networks.  When hotspots that aren’t free request payment for the service, hackers immediately gain access to users’ credit card information. That makes it even easier for them to commit credit fraud.

That Stranger on a Train Could be a Hotspot Hacker


If you think hotspot hacking dangers disappear once you board the train, you’re seriously mistaken.  A while back, entrepreneur, author and world traveler Peter Shankman got so angry about the dangers of public Wifi hotspots, he decided to conduct an experiment of his own.  Shankman boarded Amtrak’s New York to Boston train and logged into its free Wifi hotspot.  He also installed Firesheep, the notorious free hacking-for-the-masses tool that’s an add-on to Firefox.  Within 10 minutes of leaving New York City’s Penn Station, the self-professed non-geek observed passengers online logging into Yahoo, Facebook and Windows Live.  In “Why It’s Time to Say Goodbye to Free Wifi,” Shankman wrote that, if he had clicked on their names, he would have gained access to every piece of information they assumed was private.

The question is why would anyone assume their information was private after they read Amtrak’s disclaimer, which is the standard one for hotspot providers:

“Passengers are solely responsible for any security breach or accidental disclosure of their personal information.”

That’s just another way of saying there’s no such thing as a free lunch with free Wifi.  When you use it unprotected, you could end up losing a bundle, including your identity.  What’s that worth?

Protect Your Privacy at Public Wifi Hotspots

The good news is you don’t need to say goodbye to the incredible convenience of free Wifi.  Just say hello to a few basic safety procedures that will protect you at hotspots:  Check with the hotspot provider to make sure you connect to the real hotspot – not one that’s fake. Turn off  Wifi when you’re not using it at a hotspot.  And, most of all, use a virtual private network connection like PRIVATE WiFi™.  VPN software encrypts the data traveling to and from your computer.  That’s the only way to ensure your information stays private on public Wifi networks.



Get Private Wifi   Protect your personal information.
Get DataCompress   Cut your mobile data usage.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.