Estimated read time: 2-3 minutes
This archived news story is available only for your personal, non-commercial use. Information in the story may be outdated or superseded by additional information. Reading or replaying the story in its archived form does not constitute a republication of the story.
SALT LAKE CITY — Wi-Fi hijacking may sound like something out of a science fiction novel, but in reality, it's something you could be at risk for every day.
Imagine sensitive information like passwords and account information, stolen right off your phone while it's sitting in your pocket.
Security Researcher Troy Hunt introduced us to the Wi-Fi Pineapple. You may be familiar with the gadget, but it’s what you don’t know that could hurt you. Hunt says the Wi-Fi Pineapple looks to see if your device has a secure connection and if it doesn’t, it tricks your device into connecting to it.
We tested it in our newsroom and found that within minutes, we had multiple phones, tablets and laptops connecting to our fake “free Wi-Fi.”
“When we connect to a network and we say ‘remember this network,’ when we go home or go to work it automatically connects,” Hunt said.
Our devices remember that information and continue to broadcast, sending little probe requests to the names of networks it’s connected with in the past. If your network isn’t protected, then your device will automatically connect. Wi-Fi Pineapples are legal to sell and legal to use, but we have some good advice to keep your sensitive information secure.
Turn off your Wi-Fi
If you're going to be out and about and don't need your Wi-Fi, turn it off. Using a 3G or 4G connection through your service provider is more secure than using someone else's network.
Be app cautious
You install a variety of apps, some of them with passwords. Although bank apps can be fairly secure, you can't be too careful when it comes to storing your personal information.
Avoid open networks
Be cautious about where you are and what network you're sending data through. Don't connect to networks that don't offer encryption. They’re usually displayed with a padlock next to it. Hunt said “the ones that don’t have a padlock are networks that you don’t want to be connecting to. Not only because of this device, but when you are connecting to that network, other people on that network can see your data as well.”