• PC World
• »Networking
• »Wireless

Business computer users who frequent airport and other wireless hotspots are being warned of a new, more sophisticated variant of the "Evil Twin" phishing scam that appeared in January.

In a warning Tuesday, wireless security and monitoring vendor AirDefense in Alpharetta, Georgia, said the new phishing scam lures victims by setting up fraudulent Web sites that appear to be log-in sites for legitimate Wi-Fi hotspot vendors. When users log in and access the phony sites, providing personally identifying information, their computers are hit with as many 45 viruses, according to AirDefense.

The company said wireless users at hotspots in shopping malls and coffee shops aren't believed to be at risk because hackers are targeting more lucrative victims, such as business travelers in hotels and at airports.

"These attacks are being driven by business because so much business, so many transactions, are done over the Internet," said Jay Chaudhry, the chairman and cofounder of AirDefense. "There's a lot of this going on, and businesspeople need to be careful. The average business executive...has no clue."

"Wireless security is a race with hackers," Chaudhry said in a statement. "Hackers have moved away from the challenge of simply trying to access a device. They are now interested in commercial gain. The most lucrative and easiest place for hackers' commercial gain is business hotspots such as airport lounges, hotels, and conferences."

The phishing scam was discovered at several recent wireless technology trade shows, the company said.

The Con and Protection

The new Wi-Fi phishing variant is a more sophisticated version of the Evil Twin attack that hit the Internet in January. In Evil Twin, also known as the AP (access point) phishing scam, an attacker poses as a legitimate hotspot and tricks victims into connecting to the hacker's laptop or handheld device, according to AirDefense. Once the victim connects, the attacker can attempt to coerce the user into revealing personal and confidential information.

To avoid becoming victims of the latest scam, AirDefense recommends that wireless users take several security steps. When accessing their accounts at hotspots, users should enter passwords only into Web sites that include a Secure Sockets Layer key at the bottom right of the Web browser. Users should also avoid hotspots where it's difficult to tell who is connected, such as at hotels and airport clubs. Hotspots should be used only for Web surfing and not for making online purchases or any other transactions where account numbers or passwords are needed, the company said.

Users should also turn off or remove their wireless cards from their computers when they aren't accessing a hotspot to prevent others from accessing their machines, the company said. Users are also encouraged not to use unsecured applications such as e-mail or instant messaging while at hotspots. All patches for personal firewall and security software should also be regularly updated.