Don’t become a victim of Public WiFi intrusion in South East Asia
Posted on March 11, 2014 by Darryl Hall
Sitting comfortably? If you are reading this whilst connected to your hotel WiFi or public WiFi in a cafe / bar you are obviously concerned on the potential of your data being hacked through WiFi intrusion.
There are many scams you need to be aware of whilst travelling in South East Asia.. But the one everyone usually overlooks is how safe is it to use public WiFi in places such as Thailand? In most cases.. It is not, without taking adequate precautions.
Why is it unsafe to use Public WiFi in SE Asia?
Most WiFi networks in backpacker areas such as Chinatown (Kuala Lumpur), Khao San Road (Bangkok) and cities such as Ho Chi Minh, Hanoi, Phnom Penh and Vientiane use cheap, old routers that have little to no security built in.
Hackers can take advantage of that, and in fact the owners of the businesses sometimes even have a part to play in the scams. All you have to do in most cases to allow them access to your accounts, such as GoogleMail, Facebook, Twitter, YouTube, Online Banking, etc.. Is simply login on your own computer / mobile device whilst connected to the Public WiFi. After you have logged in, they can take your active session UID and act like you online.
What can WiFi Hackers / Phishers actually do with my data?
A lot of things, the list is infinite. Mainly scammers / hackers in Thailand for instance use your online banking to allow themselves access to your funds. Once they have access to your banking account session UID, they can transfer money out of your account to theirs.
With regards to Social Media, they will be able to login and act as you. So they can read messages, send ones on your behalf, reset passwords, etc..
Many backpackers also use cloud based storage solutions to keep digital copies of their passports, insurance details, bank information and other forms of identification easily accessible. When you login to these websites, hackers utilising security loopholes in Public WiFi can access those files during an open session (whilst you are logged on). This results in identity theft (passport theft is huge business in Thailand).
If you are by chance looking for a secure cloud based storage provider, I would recommend DumpTruck, given it's free for up to 5GB of storage space, try it out.
‘The Technical' stuff
So maybe you are asking, how on earth do these people do this!!? Some of you may not want to know the specifics, if you sit in that camp, read further below on how to keep safe when using WiFi.
Local Access Points in hotels, restaurants and bars that you use to access the WiFi from contain security flaws, especially the older type that are used extensively in SE Asia. A simple scenario in which is usually played out is detailed below…
- Hacker locates nearby APs that are unencrypted (public Wi-Fi for example) and using default Admin settings.
- Save the targeted AP’s system settings.
- Replace the targeted AP’s firmware with custom firmware (which will allow better access to your data and infection of Malware).
- Configure the now infected AP with the saved setting.
Within the space of a few minutes, the public WiFi network you are using can be changed over to a custom firmware running that can track and record everything you are doing online and essentially steal your login / access abilities.
Many hackers in Malaysia and Thailand use cheap ($40) devices that can do all of this work automatically. With enough power, they can be deployed up to 1km away and still steal your data.
What can I do to protect myself whilst using Public WiFi?
You may be mistaken in thinking that your connection whilst connected to public WiFi is secure as long as you see the ‘HTTPS' in the left corner of your address bar or a green shield displaying. Usually on a private home WiFi connection, you would be fine to assume this.
There are simply only 2 ways of ensuring your data is protected whilst using WiFi, backpacking in South East Asia.
- Logout from every website you visit before closing your browser tabs. This ensures if someone was scanning your computer and using your logins, once you logged out, their sessions would finish as well. (This method doesn't help you when you are accessing logged in websites).
- Buy a VPN (Virtual Private Network) for your PC, Mac, iPhone / iPad or Android device. VPN's are the only way you can be safe when using public WiFi in South East Asia. This is because…
- VPN's hide / mask your connection and the websites that you are logging into / visiting.
- Your data is anonymised so nobody (not even the government) can track your online habits.
- A VPN closes the connection between you and the website you are accessing into an impenetrable tunnel. The only person that can see what you are doing is you and the other website. This ensures you won't be hit by ‘middle-man' hacking tactics.
- They work on 256bit security, impossible to crack (it probably would take 10,000 years!)
You don't need to be web / technical savvy to understand what a VPN is and how you would use one. We use VyprVPN, because it's the cheapest, fastest and most secure VPN in the world.
You simply download the software from their website, login and then connect. They have software for every one of your devices as well, meaning you can make your browsing safe on your phone / tablet and laptop all at the same time.
|| STEP 1 ||
Choose your VPN plan from VyprVPN, there are 3 packages starting from $5 – $10 for 1 month (special 50% discount offer for 1st month).
Most people go for the middle package, as it's more secure, gives you more device logins and has more free cloud storage. They all have a 3 day free trial, so you can cancel without charge within the first 72 hours. So I would recommend just signing up and testing it out.
- Select your monthly plan here.
- Type in your details in the boxes provided, create a username and password, then continue to the payment page and pay for your selected service. It’s billed monthly, so you can cancel at any time.
- Once processed, you will have an account immediately available.
|| STEP 2: ||
Download the VPN software and install on your PC / Mac, iPhone or Tablet.
VyprVPN have software available for both PC & Mac, along with all iOS devices (iPhone & iPad) and Android phones and tablets.
- You can download the software here.
- If you have a iPhone or iPad, go to the App Store on your device, and search for ‘VyprVPN’ and click install.
|| STEP 3 ||
Login with your username and password and connect to the right server
Now, remember your username and password you created earlier (email address is your username). Open the VyprVPN software up on your PC or Mac and it will prompt you for your login details, enter them, then choose the country server you want to connect to.
- Choose the country that is closest to your current location for fastest connection. You can connect to any country you like though, for example if you wanted to watch American TV on www.hulu.com, then connect to USA and it will allow playback even in Thailand.
If you are installing the App on your iPhone or iPad (or Android device), then enter your login details when you open the App for the first time. Once you click ‘Connect’, you will be automatically connected and everything you now do online is anonymous, untracked and best of all you can access content that normally is blocked in Australia.
That ends our guide on staying safe whilst using Public WiFi in South East Asia. I hope you enjoyed our article and it helps you in the future with staying safe whilst surfing on your favourite websites!