Crooks steal personal info using fake hotel WiFi hotspots

You check into your hotel room, close the door, and lock it.

But, the threat isn't from someone prowling the halls of the hotel. It could be from the guy staying in the next room.

HealthGuard security expert Apolonio Garcia showed us how he could create his own wireless internet access point at any hotel – and label it "Hotel Wi-Fi."

"As soon as someone accesses that and starts using the internet," he said, "we're able to see and capture everything they're doing."

Guests are connected to the internet – but through Garcia's laptop.

He has "a piece of software that's running on it that's looking for username and password, that's looking for log-ins, and when it sees it, it actually logs it for use later," he said.

The thief basically creates a mirror image of the hotel's own website, but with one critical difference: One is real. The other is there to steal your credit card information.

"You can easily create a fake page, have them enter their credentials, pass the user onto the legitimate website so the user doesn't know that they just gave you – the bad guy – their credit card information," he said.

Garcia said the thief could be anywhere in or near the hotel. He set up in the hotel bar so nearby guests get the most bars on their device.

With his "high gain" USB antenna, his is the strongest Wi-Fi signal in the lobby and in many surrounding rooms.

"Once you have the username and password," Garcia said, "you really do have that user's access to pretty much anything."

Security experts say 38 percent of all credit card fraud involves the hotel industry, so be on alert the next time you check in on your next vacation.

E-mail me with any consumer issue you have or “like” my ABC15 Facebook page and tell me about it.

 

Print this article Back to Top

Comments
web fb twitter jd share Image Map