by
Rohit Patel

Latest Hacking Tech. Videos Training Guide Complete

The Hacks

Wireless hotspots are everywhere. With T-Mobile, Concourse, Wayport, etc., a mobile user can obtain connectivity quickly and easily in a wide variety of public locations. Some of these hotspots are free and some of them require a fee or subscription. Either way, you will continue to see how being in a public Wi-Fi hotspot poses the greatest security risk you will find.

Stealing Wi-Fi Hotspot Subscription Credentials

A big issue a few years back had to do with dial-related fraud in Russia. Basically, usernames and passwords to dial accounts were being bought and sold on the black market and the owner's of the stolen credentials were being hit with enormous usage charges. In actuality, this still takes place. With the onset of Public Wi-Fi locations, the threat of fraud and misuse has also moved to the stealing of wireless subscription credentials.

An easy and inexpensive method to steal wireless subscription credentials is by AP Phishing. As it stands today, the only real methods a typical end-user has to determine if a wireless access point is valid is by recognizing the SSID and ascertaining if the site has the look and feel of the real public Wi-Fi hotspot login page. Unfortunately for the end-user, both of these can be easily spoofed. Here's how it's done and no, you won't have to carry a wireless access point around to do this.

Performing this technique requires two steps:

Setting up your computer to look like an actual Access Point broadcasting the appropriate SSID (T-Mobile, Wayport, etc.)

Having the walled-garden, or login page that your computer will display look like the real login page of the provider whose signal you are broadcasting.

Download the Latest Tracks on how to leverage your Hacking Skills