The WiFi pineapple looks simple and unassuming, and it’s about the size of a cell phone. Hackers use this little tool to turn off drones, track commercial aircraft, and play practical jokes, but sometimes, the actions are much more serious. Contrary to its icon (the pineapple is a traditional symbol for welcoming), this device is not about hospitality. It’s designed to help hackers steal your information over public WiFi. Should you be worried? Here’s what you need to know.
How It Works
Essentially, hackers use WiFi Pineapples to create fake WiFi connections that mimic existing public WiFi spots. Then, an unsuspecting internet user sees a WiFi connection that looks like their local library or coffee shop, but when they connect, they’re playing into the hands of the hacker. As they pull up sites, the hacker can essentially see everything they are doing.
Luckily, there are a couple of caveats. If the user routes their browsing through a virtual private network (VPN), the hackers can’t see it. Similarly, if the user is on a secure https, that also encrypts any transmitted information and prevents anyone from seeing it.
Protecting Your Customers from the Pineapple
To prevent people from being able to steal your client’s banking information with a WiFi Pineapple, take time to educate your customers about the dangers of public WiFi. When they use the WiFi at hotels, coffee shops, restaurants, or other public place, for example, they should always use a VPN, regardless of the Pineapple threat.
Without the right protection, if your customers pull up their banking details over public WiFi, hackers can easily steal their usernames and passwords, which can then be used for fraudulent purposes.
Additionally, make sure that your website uses https protocol. Unfortunately, however, if your customers enter your website address manually, and they only type in http, the Pineapple can intercept that traffic and instruct the site to stay unsecure. In this case, your website will look and function just like usual, with only one difference — the little padlock in the address bar won’t be there. Make sure your customers know to look for that security indicator and to close the site if they don’t see it.
Protecting Your Financial Institution
If you ever decide to review loan applications or catch up on other work outside your bank, you also need to avoid public Wi-Fi or use it very carefully. Make sure that you’re taking the precautions explained above and be particularly careful about checking emails as they often contain sensitive information.
Although hackers use the WiFi Pineapple for a variety of actions, the manufacturer didn’t necessarily develop this product for their needs. Instead, it’s designed to be used by penetration testers or “pentesters”. These are white hat hackers who test the security of your public WiFi system. If you’re worried about someone seeing your connection and breeching it, you may want to consult with a pentester. They can help you find security holes and protect yourself.
WiFi Pineapples are just one of the many hacking tools out there. The product is in its fifth generation, meaning that it’s always getting stronger and more effective. To protect your bank and your customers from fraud, you need a fraud protection partner who also keeps on top of the latest threats. To get help, contact us at SQN Banking Systems today.