Welcome to a way for hackers to fool you into connecting to malicious networks and give up your personal data: a spoofed Xfinity login page.
If you’ve traveled and tried to get on the Internet, you’ve probably seen some pretty suspicious looking Wi-Fi networks with names like “Free Wi-Fi” and “Totally Free Internet.” Those are likely access points you’d best avoid. But there’s a much bigger threat to your security than somebody randomly fishing for you to connect to them—the networks you’ve already connected to and trusted, like AT&T and Xfinity.
The default settings for the AT&T Wi-Fi network on my iPhone, before I got paranoid.
Mobile broadband providers are eager to get you to connect to their Wi-Fi-based networks while you’re away from home. AT&T has built a network of free hotspots for customers at thousands of places—including train stations, as well as Starbucks and McDonald’s locations across the country. Comcast has spread its Xfinity wireless network far and wide as well, turning customers’ cable modems into public Wi-Fi hotspots accessible with an Xfinity account login.
These free Wi-Fi connections are popular, for good reason—they help reduce the amount of broadband cellular data you consume, and they often provide better network speeds than what you can manage over a 4G connection. But they also offer a really easy way for someone to surreptitiously tap into your Internet traffic and capture your account information for less-than-friendly purposes. Millions of AT&T and Xfinity customers could be leaving themselves exposed to surreptitious hacking of their Internet traffic, exposing their personal data as a result.
Read 9 remaining paragraphs | Comments