Think your phone is safe on public Wi-Fi? Think again
A third of Singaporeans regularly use public Wi-Fi, but not all have security built in
That was all the time it took for a hacker to start gathering data from my mobile phone after I connected to an unsecured Wi-Fi network.
He revealed to me which mobile banking app and e-mail services I used as well as my phone's operating system version.
Then, he told me he knew Manchester United was my favourite football team, based on my phone's web browser.
Had I accessed my banking apps or e-mail, he would have captured even more of my personal information.
Thankfully, this hacker was not a cyber criminal out to destroy my life - but a security advocate of cyber security software firm Symantec's consumer business unit, Mr Nick Savvides. He demonstrated to The New Paper in an exclusive interview how vulnerable a mobile phone could be when connected to a public Wi-Fi network.
This comes after experts at the recent Mobile World Congress had warned users about smartphones becoming a target for cyber criminals, as they are rich with personal information, bank data and credit card information and addresses.
Yesterday, Mr Savvides showed me just how easy it was to extract information from a mobile phone.
All it takes is for an unsuspecting user to connect to a public Wi-Fi network - which could be specially set up by cyber criminals and even be disguised to look like an official one such as Wireless@SG, he said.
To demonstrate, he had me connect to a Wi-Fi network that he set up, and almost immediately, he had sight of data that my mobile phone was continuously sending out using an application on his laptop.
From there, he could identify my e-mail accounts and banking app.
He then had me surfing the Internet on my mobile phone's web browser, and from there, he worked out my browsing habits and interests, such as my favourite football club.
"This means I could now send you advertisements saying, 'free Manchester United tickets if you click here', and if you do, phish even more information from you," he said.
These hackers could even go on to take control of your phone should they wish to, he said.
According to the 2016 Norton Cyber Security Insights Report, 77 per cent of Singaporeans said public Wi-Fi was useful for checking e-mails, sending documents and logging into accounts on the go.
A third of Singaporeans also said that they regularly use public Wi-Fi.
Mr Savvides said: "Most people assume that all Wi-Fi networks available in public places such as airports, hotels and cafes have security built in. That's not always the case."
He shared tips on how mobile phone users could better protect themselves, such as installing security software.
"Any smartphone you buy today is a little computer in your pocket. They're very powerful devices and connected to hundreds of servers," he said.
"This makes them a very rich target and the bad guys are after that because the information (in your phone) is the currency they use to conduct identity theft."
Tips to stay safe in cyberspace
Always be cautious of public Wi-Fi networks, said Symantec's consumer business unit security advocate Nick Savvides.
Given the readily accessible public Wi-Fi networks in Singapore - there will be 14,000 free Wireless@SG access points ready for use next month, with the number rising to 20,000 by 2018 - Mr Savvides shared with The New Paper some tips for users to protect themselves:
- Don't do your online banking or any important communication using public hotspots
- Always update your phone and its apps to minimise security issues
- Use a virtual private network (VPN), such as Norton's WiFi Privacy, to encrypt the data sent out via your phone
- Make sure you are using a legitimate hotspot by checking to confirm the network name and connection process
- Turn off file-sharing services at public hotspots