Why leaving your smartphone WiFi ON causes more harm than good
Many users are under the misconception that leaving their smartphone WiFi switched ON only leads to a persistent battery drain. While this is not inaccurate, the truth is that there is another threat to be aware of. This is the threat of the ‘evil twin’.
Anyone who has used WiFi on a smartphone knows that once a network SSID (the name of the network itself) and other details have been entered, the device automatically connects to this network whenever it is in range. This makes one wonder what happens when there is no visible network in range when the WiFi is turned ON.
The smartphone sends and receives probing requests
Once the WiFi has been enabled on a device, it scans the airwaves for all available networks in the vicinity in two simultaneous ways. ‘Passive scanning’ occurs when the device listens for networks that broadcast themselves and ‘Active scanning’ occurs when the device actively probes for all networks that it has connected to in the past. This discovery process is carried out constantly until the device finds a network to connect to.
The dangers of probing requests
While this in itself is not a threatening scenario for users, the real issue here is that when the device probes for networks it actively broadcasts the various network SSIDs it prefers. An attacker can obtain this information easily and this reveals the unaware users’ preferred networks and other location sensitive data.
Advanced attackers can take this a step further and create a rogue connection, or an ‘evil twin’, which possesses the exact same SSID that the device is scanning for. Thus he can force the device to connect to his network and this enables him to intercept and transfer information with consummate ease. If you think this is extremely complex to achieve then you will be surprised to learn that all an attacker needs is a functional router and some freely available software to accomplish this.
The risks of the Evil Twin network
- The owner of this rogue connection can launch man-in-the-middle (MITM) attacks to intercept any data that is exchanged to and from the device.
- Free programs over the Internet give the attacker the ability to decode web access packets to reveal login IDs and passwords in clear text.
- The attacker can gain control over email accounts and social networks, scan the contacts list, view text messages and more.
- An attacker can also send a spoof SMS that claims to be from someone on the contacts list of the device.
- The attacker can trick the user into visiting a page that looks genuine, but is actually a page that phishes for personal and financial information.
How to avoid Evil Twin attacks
Unfortunately, smartphones do not have an option to disable active probing for wireless networks. The best solution to avoid such attacks is to simply turn the WiFi OFF when one leaves the security of home or office networks. This is a simple one-step process on most devices so there can be no excuses here. Alternatively, one can also make use of an application that turns the WiFi ON/OFF in specific geographical locations.
As a mandatory precaution, effective mobile phone security software is essential. Users who utilize the various tools that Quick Heal Mobile Security provides achieve high protection levels from ‘evil twin’ attacks and other persistent threats. Additionally, always remember to turn your WiFi OFF when there are no active networks in range, in order to avoid such attacks.
32 Comments
Nice information as always… thanks…
Thanks, this seems like GOOD advice. Will follow it.
Thanks really useful information. Now i can explain this to others also, really good job.
In this context, I would like to know if there is any adverse effect of using the mobile as a modem for broadband connection.Bluetooth is being used
to connect “Nokia Suite” in the absence of braodband (my BSNL broadband modem is under replacement)and from the “Nokia Suite” I am using my broadband connection.Microsoft on the one hand is advising to use “Hotfix” to use effectively the mobile as modem, while giving serious caution of downloding it(hotfix)till it is standradised and is offered as a normal window update.
I am perplexed.What is “Hotfix”? I seek your advice in this connection.
Hi Saral,
Using your smartphone as a modem will not be harmful as long as you turn OFF the Bluetooth once you are done using the connection. A ‘hotfix’ is a temporary update until a regular security patch is released by a developer. We suggest that you continue using the ‘tethering’ feature of your Nokia phone till your broadband modem is returned to you.
Regards.
Hi,
Thanks . Very useful information shared by you.
Nice good… Rahul
Very very useful info,
thanx alot
THANKS FOR NICE UPDATE & SECURITY TIPS FOR MOBILES .
Thanks Rahul, that was great staff
Very informative article….
better than ever before.
Nice to have the info like this.
Sure to follow
please explain me again so we shouln’t on it?
Hi Saket,
You should switch it on only when you need to use it. Once you are done using the WiFi, you should switch it off.
Regards.
nice,very use full
thanks
this antivirus very use in my system
sir,
you can give me suggetion ?
How I can connect any wifi network ?
Hi Mahesh,
Turn the WiFi of your smartphone ON and available networks will be viewed automatically. You can then connect to any of them. You can also search for available networks through the interface of your phone.
Regards.
good information
Really helpful information. Thanks
thanks it will help me to use WiFi systematically
very ghaint information ………keep it up……!!
pls tell me how to know that which WiFi is secure and which not coz. many times I received more then one access networks(OPEN) near by my Home as well as Office and other places..?
Hi Mahi,
When you see the name of the WiFi network, you will also see some text under that name. You may see various things like WPA/PS2/PS2K. These are signs that these are secured networks. Unsecured networks will not contain these characters and will not require a password to gain access.
Regards.
can you tell me how to use smart phone as a modem/
Hi Vinay,
Using the smartphone as a modem is known as tethering. Different models have different procedures for the same. Kindly check the user manual or the manufacturers website to know the exact details for your smartphone model.
Regards.
Thanks..for such a helpful information………..
thanks for the information.
Good Job and informative keep it up.. awareness is the most imp tool one can be safe with..so always share yourself…to benefit all … ;))
very nice rahul
Thanks sir for your valuable technical guidance.