TDCI Reminds Holiday Shoppers to Use Caution with Public Wi-Fi

Tuesday, November 22, 2016 | 09:44am

NASHVILLE – With many shoppers preparing to score holiday gift deals on Black Friday (11/25) and Cyber Monday (11/28), the Tennessee Department of Commerce & Insurance (TDCI) Division of Consumer Affairs warns consumers to be wary of hackers that use public Wi-Fi to glean sensitive information.

“Connecting to public Wi-Fi networks can make you more vulnerable to scammers,” said TDCI Consumer Protection Director Cynthia Wiel. “Criminals often watch free networks in order to gain access to account passwords, emails, banking credentials, and other personal information. To minimize fraud risks, Tennesseans should avoid using public Wi-Fi for their online holiday shopping.”

Cyber scammers use a variety tactics to steal personal information through public internet networks. According to the AARP Fraud Watch Network, the most common Wi-Fi scams include:

  • Man in the Middle Attack: The hacker positions himself between you and your Wi-Fi connection point. So instead of talking directly with the hotspot, you're sending your information to the hacker, who then sends and receives data impersonating you. Every piece of information you're sending out on the Internet: important emails, credit card information and even security credentials to your business network — are all under the control of the hacker.
  • Evil Twin Attack: A hacker sets up a Wi-Fi access point with the same name as a legitimate network you have connected to previously and compels your computer or phone to connect to it automatically without your consent. He monitors commonly used network names, and chooses one — such as "default" or "home" — and banks on your device recognizing it.
  • War Driving: Armed with a laptop, smartphone or tablet, "war drivers" use commonly available software to troll neighborhoods to find open or poorly protected Wi-Fi networks.

TDCI shares the following tips from AARP to help protect consumers from Wi-Fi scams:

  • Don’t access your email, online bank or credit card accounts using public Wi-Fi.
  • Watch out for fake Wi-Fi at coffee shops, hotels or other free hot spots – network names that are close, but not exactly right. Employees can give you the correct connection name and IP address.     
  • Don’t let your mobile device automatically connect to nearby Wi-Fi; manually select the network you want.
  • Don’t surf using an unknown public network if the website requires sensitive information – like online shopping.

For more consumer resources, or to file a complaint, contact the TDCI Division of Consumer Affairs at 800-342-8385 or visit