(Page 2 of 2)
"While there are specific steps that businesses can take to protect their secure networks from unauthorized access, users will unfortunately still be vulnerable to attack unless they disable the option to automatically connect to known Wi-Fi networks -- something most consumers will not do because of the inconvenience involved in reconnecting every time they come home or walk into an airport," he said.
In many cases, Gross noted, a smartphone or tablet user may simply be strolling through his local airport where an attacker has set up a Wi-Fi hotspot mimicking that of the legitimate public Wi-Fi, using the airport code as a network ID and not requiring a password to connect. He called this scenario a recipe for mass-compromise, as mobile devices would likely connect to the known network without hesitation.
"Even if the Wi-Fi auto-join feature is disabled, consumers are not in the clear. They will likely still be prompted to connect to a Wi-Fi network and should be extra vigilant when traveling or in a public location where this type of network spoofing is possible," Gross said. "Smartphone software configurations and defaults are clearly set up with user convenience in mind, so consumers must take extra steps to protect themselves and the integrity of their mobile devices."