- An experiment conducted to see how many people would log on to free, unsecured Wi-Fi hotspots near the site of the Republican National Convention in Cleveland on Sunday revealed that people are still not diligent enough about protecting their personal information.
- More than 1,200 people connected to the fake Wi-Fi networks set up by Avast Software, the researchers said.
- Of the people who connected to the networks, Avast found 68% left their personal information exposed.
Educating mobile workers about the dangers of threats like unsecured Wi-Fi hotspots is critical to protecting the enterprise. While some mobile user activity is for personal use, in some cases people can access proprietary information that can threaten the integrity of enterprise data security.
The Wi-Fi spots were designed to mimic secure networks with names such as "Google Starbucks," "I vote Trump! free Internet" and "I vote Hillary! free Internet."
The test revealed how risky it can be to connect to public Wi-Fi, as the Avast researchers could see users’ personal information as well as which sites people visited. Over the course of a day, Avast saw more than 1.6Gbs transferred from more than 1,200 users. Of those, almost 7% shopped on Amazon, and 1% accessed a banking app or banking website; 5% played Pokemon Go; 4% visited government domains or websites. A small number also accessed dating apps or pornography sites.
Experts suggest people employ a VPN when joining public Wi-Fi, which anonymizes their data while connecting to public hotspots to ensure that connections remain secure.
"With Washington heatedly discussing cybersecurity issues virtually every week, we thought it would be interesting to test how many people actually practice secure habits," said Gagan Singh, president of mobile at Avast in a press release. "Understanding the talking points behind these privacy issues is very different from implementing secure habits on a daily basis."
In February, Avast conducted a similar test at the Barcelona Airport as people arrived for the Mobile World Congress 2016. In that test, more than 2,000 users connected over the course of a few hours, Avast said. In almost two-thirds of the cases, researchers were able to see the identity of the device and the user.