Spanish bank Santander asked Alec Daniels, who took part in a scam awareness programme run by the bank, to try to create a pretend mobile phishing attack and hack a Wi-Fi network as part of a scheme to raise awareness of scams.
Using tools available online and supported by a network security professional, Daniels was able to complete the challenge in 16 minutes 40 seconds, even though he knows little about computers.
Chris Ainsley, head of fraud strategy at Santander UK, said the experiment demonstrates how easy it is for criminals to send phishing emails and hack Wi-Fi hotspots. “We have seen the devastating results that fraud and scams can have on our customers and how much damage can be done if hackers get hold of even a small amount of personal detail,” he said.
“Raising awareness and educating people on how to protect themselves is vital to effectively tackling the criminals who ruin people’s lives.”
Santander’s own research has revealed that 41% of people regularly use Wi-Fi hotspots to carry out financial transactions on their mobile phones, and about 10% said they log into unsecured Wi-Fi networks several times a day.
- Even as black-hat hackers remain on the prowl, ethical hackers save the day. Here are some pointers on how you can build your ethical hacker career.
- UK intelligence agency GCHQ has launched an online code cracking challenge to attract the next generation of web-savvy spies, targeting mainly self-taught ethical hackers.
- The Certified Ethical Hacker certification gained popularity recently. Expert Joseph Granneman explains the CEH and why it is relevant again.
Ethical hacker Marcus Dempsey said unsecured public Wi-Fi networks can be easy pickings for criminals. “By inputting passwords, bank details and confidential information into online banking or shopping websites over a public Wi-Fi, people could be unknowingly putting their finances and identities into the hands of hackers,” he said.
“Perhaps even easier than hacking Wi-Fi is sending scam correspondence, particularly phishing emails.
“If Alec, with no previous knowledge of how to do this, can write and distribute a convincing phishing email in a matter of minutes, it is worrying to imagine the potential damage that actual scammers could be doing.”
This article originally appeared on Computerweekly.com