Yorkshire Times
Weekend Edition
Lucy Brown
Features Writer
1:03 AM 21st October 2023

Airports At Greater Risk Of Common Wi-Fi Scam

Image by 420494 from Pixabay
Image by 420494 from Pixabay
Analysis of 34 major UK airports reveals that 53% fail to make the name of their Wi-Fi network clear to customers online.

Cybersecurity experts warn holidaymakers risk falling victim to an ‘Evil Twin attack’ if they unknowingly connect to a bogus Wi-Fi network.

Šarūnas Karbauskas of VPNPro shares his top tips for staying safe when using airport Wi-Fi networks.

Holidaymakers have been warned over using airport Wi-Fi networks to transfer money, stream movies and share personal information, as they jet off this October half-term.

Cybersecurity experts at VPNPro conducted an analysis on 34 of the UK’s busiest airport websites, to determine which ones clearly state the correct name of their Wi-Fi network to customers.

When considering each airport’s website, a staggering 53%, or 18 out of the 34 airports analysed, did not verify the actual name of the airport’s Wi-Fi network on their site, leaving travellers at a greater risk of connecting to malicious network while they wait to board.

Among the offenders were Edinburgh Airport, Birmingham International Airport, Bristol Airport and Humberside Airport.

UK Airport
1.Edinburgh Airport
2.Birmingham International Airport
3.Bristol Airport
4.Belfast International Airport
5.Belfast City Airport
6.Cardiff Airport
7.Inverness Airport
8.Glasgow Prestwick Airport
9.Exeter Airport
10.Norwich Airport
11.Sumburgh Airport
12.Newquay Airport
13.Teesside International Airport
14.City of Derry Airport
15.Kirkwall Airport
16.Stornoway Airport
17.Humberside Airport
18.Dundee Airport

Šarūnas Karbauskas, a cyber-security expert at VPNPro who conducted the analysis commented:

“When heading abroad, travellers frequently surf the web to pass the time, especially if there are unexpected delays to their departure.

“And since they often don’t want to eat up their mobile data while they wait, they will switch over to airport Wi-Fi to continue keeping themselves entertained.

“Anyone who has been to an airport will know that once you switch on your Wi-Fi settings, you are hit with a barrage of options, and it isn’t always clear which is the airport’s legitimate Wi-Fi network.

“A significant number of airports failed to confirm the correct name of their Wi-Fi network on their website, meaning that customers are left vulnerable to online attacks should they unknowingly connect to a bogus network.”

Mr Karbauskas adds, “Often referred to as an ‘Evil Twin Attack,’ cybercriminals are known to set up fake Wi-Fi hotspots in airports, in the hope that travellers will unwittingly connect to their network. Once connected, any personal information entered by the victim can then be intercepted by these fraudsters, enabling them to gain access to your email or bank account.

"Cybercriminals can even set up hotspots with the exact same name as the legitimate Wi-Fi network. Therefore, it is also important to check with a member of staff that you are connecting to the correct network if there are several options with the same name."

List of UK airports which clarified the name of their Wi-Fi network on their website:

1.London Heathrow Airport_Heathrow Wi-Fi
2.London Gatwick AirportFree Gatwick Wi-Fi
3.Manchester Airport_FreeWifi
4.London Stansted Airport_FreeWifi
5.London Luton AirportLuton Airport WIFI
6.Glasgow AirportGlasgow_Airport_WiFi
7.Newcastle International Airport_NCLFreeWiFi
8.Liverpool John Lennon AirportLJLA-Free-WiFi
9.Leeds Bradford AirportLeedsBradfordAirport_Free_WiFi
10.East Midlands Airport_FreeWifi
11.London City AirportLCY Airport Free Wi-Fi
12.Aberdeen International AirportAberdeen_Airport_WiFi
13.Bournemouth AirportBOH Public Wifi
14.Southampton AirportSouthampton_Airport_WiFi
15.London SouthendLondon Southend Free WiFi
16.Land's End AirportSkybus Free WiFi

Image by Methodshop from Pixabay
Image by Methodshop from Pixabay
Tips for staying safe on airport Wi-Fi networks

Mr Karbauskas, has outlined his top tips for staying safe when using airport Wi-Fi networks, so that holidaymakers can reduce the risk of revealing their personal information to cybercriminals.

1. Verify the Wi-Fi connection

If you need to connect to airport Wi-Fi, ask a member of staff if you are about to connect to a legitimate connection, as cybercriminals often imitate Wi-Fi hotspots in order to intercept sensitive data.

As mentioned above, hackers will often create a fake Wi-Fi hotspot using the airport’s name or something enticing such as ‘Free_Airport_Wi-Fi' to hoodwink customers into connecting to their bogus network, before then snooping on their web activity.

2. Enable your device’s Firewall

Most modern laptops come with a built in Firewall, which shields your computer from malicious network traffic and helps prevent unauthorised access to your laptop.

For Windows 11 users, your laptop’s Firewall should be automatically enabled. To check it is enabled go to: Start > Settings > Privacy & security > Windows Security > Firewall & network protection > Windows Security settings. Then ensure that it is enabled for Domain network, Private network, and Public network.

For Mac OS users the Firewall isn’t always enabled as standard. To enable this, go to: System Settings > Network > Firewall > Click the toggle to enable.

3. Enable HTTPS only mode

When online, make sure there is a padlock symbol next to the URL of every website, as this ensures the information passing between your device and the web server is encrypted, preventing most third parties from spying on it.

Most browsers will do this by default, but you can switch on a ‘HTTPS only feature’, which will automatically move you to the secure HTTPS encrypted version of a website if you happen to end up on the unencrypted HTTP version.

To enable HTTPS Only mode on Google Chrome, open the application and select: Settings > Privacy & Security > Security > Toggle on ‘Always Use Secure Connections’

Safari users can update their operating system to macOS Big Sur and macOS Catalina in order to use Safari 15, which automatically enables the HTTPS Upgrade feature.

4. Never install software or certificates

A public Wi-Fi network should never ask you to install any additional software or certificates to use it. If it does, this could indicate that you are connecting to a fraudulent network.

5. Avoid logging into or checking sensitive information

Hold off on logging into banking, social media and email accounts or entering any personal information on public networks until you get home, even if you are confident that you are using a legitimate Wi-Fi network.

6. Enable two-factor authentication

Make sure that any important personal accounts require two forms of verification in order for you to access them. This way, if someone successfully intercepts your password and tries logging into one of your email accounts, you will receive a text to confirm that it is actually you trying to log in.

7. Set up a mobile hotspot if possible

If you are still unsure of the legitimacy of a Wi-Fi network, try to use mobile data on your phone when possible and set up a mobile hotspot if you are working from a laptop.

8. Use a VPN

A Virtual Private Network, or VPN, uses tunnelling protocols to ‘wrap’ your data in a layer of encryption so that anyone intercepting it cannot make any sense of it, as well as concealing your true IP address.

A VPN should provide you with the greatest level of protection from online attacks, even if you are browsing the web on an unsecure Wi-Fi network. There are several free VPNs online, but more reliable ones will cost you a couple of pounds per month.