Hotels seem to be obvious locales for setting up “evil twin” hotspots. The Washington Post has a report on a problem that is yet to reach significant levels in hotels but likely will – the setting up of hotspots by hackers to collect personal information. Data thieves do this by setting up an open hotspot near a valid one or more likely by configuring their laptops to transmit a wireless signal. When a guest in an adjoining area or room look for connections they see the evil twin along with the property’s real hotspot. Frequently, the names are similar to that of the genuine connection with very slight differences such as a lower or upper case. A guest logging in to a fraudulent access point will probably leave his/her data open for the hacker to track their usage and emails and with private data such as credit card numbers ending up being compromised.
There are some simple precautions that hotels and their guests can take to minimize an attack. For starters, just asking the correct name of the hotspot connection helps ensure a false connection is not logged into. Secondly, disabling a laptop’s automatic feature that conencts to the “nearest” hotspot ensures the lazy way out does not result in loss of data. Having a personal firewall outside of corporate firewall (which typically does nothing in a hotel) will help. Corporate guests who have a corporate VPN (virtual private network) have an advantage over general consumers as they can “tunnel” into their corporate network and thwart hackers. Like in most aspects of technology Wi-Fi convenience tends to compromise safety and keeping a step ahead of the hackers is a continual process. Hotels that put out as much information to their guests as possible are doing their customers more than a service as the measures are likely to win appreciation and loyalty.