Cyber-criminals ‘hack into free wi-fi hotspots to get bank details’

Criminals are hacking into public and commercial wi-fi hotspots to steal people’s private data and credit card details, police warned today.

Detectives say victims of the attacks are often not aware of how cyber-hackers gained access to their bank accounts, and warn that the attacks are hugely under-reported.

Only 33 people have said they have lost money after being hacked while using a public wi-fi spot in the past five years.

Police say one of the most common threats to public wi-fi is a “man in the middle attack” when a cyber-criminal takes over a public network and relies on the established connection to the victim’s machine to redirect communications through his network.

Another method is to set up a spoof network — or “evil twin” — using the name of a shop, hotel or cafe for example, and then infiltrate the un-suspecting victim’s device when they try to log on.

The alert was raised today by Action Fraud, the agency run by City of London police which collates all reports of fraud in the UK.

Steve Proffitt, the deputy head of Action Fraud, said: “There is no doubt that people face risk when they connect to a public wi-fi network.

“It is important that people consider what they use public wi-fi for and are aware that there are cyber-criminals who will use every opportunity to infiltrate networks in order to gather personal and financial details.”

There are now an estimated 269,000 free wi-fi points in the UK, compared to 202,944 in 2014, mostly used for emailing and social networking.

The fraud detectives warn that people using public wi-fi should avoid online banking, downloading apps, installing updates and online shopping, and try to check if a network is genuine.