Discussion on Information Security Awareness During Cybersecurity Week
Wi-Fi Security
01
Phishing Wi-Fi
Risk Analysis
In public places such as restaurants, shopping malls, train stations, and airports, free Wi-Fi hotspots are often deployed. However, attackers may create misleading Wi-Fi hotspots. Once connected to these malicious hotspots, users may face risks such as information leakage and traffic hijacking.
Security Recommendations
Before connecting to Wi-Fi in public places, pay attention to surrounding prompts and connect to the official network provided; do not use public networks when handling important information or making mobile payments; it is best to use the device’s built-in 4G/5G network.
02
Unauthorized Wi-Fi Hotspots
Risk Analysis
Wi-Fi signals have a certain coverage range, allowing connections not only within the workplace but also nearby. The encryption methods used by employee-constructed Wi-Fi networks are often weak, and once compromised, attackers can directly access the office network.
Security Recommendations
In the office area, use the network access methods provided by the organization; do not set up personal hotspots; do not use devices like “Wi-Fi routers”; if necessary, approval from the organization must be obtained before setting up a wireless router, and a security check must be conducted. Wi-Fi should use secure algorithms, set complex passwords, and ensure passwords are changed regularly.
03
Wi-Fi Password Sharing
Risk Analysis
Some Wi-Fi password sharing apps automatically upload all previously connected Wi-Fi passwords after installation, which may include passwords for home and workplace networks. If attackers use such tools, they can easily connect to home or office networks.
Security Recommendations
Avoid using Wi-Fi password sharing apps; if necessary, it is recommended to first disable the automatic password upload feature.
04
Wi-Fi Information Collection
Risk Analysis
Currently, some advertising companies deploy “Wi-Fi probes” in public places. When a user’s phone has Wi-Fi enabled, the probe can automatically identify the phone’s MAC address, RSSI value, and other information, thus tracking user behavior. If this information is matched with the company’s own data or third-party data, it may be linked to the user’s device ID and phone number, leading to targeted marketing promotions.
Security Recommendations
When Wi-Fi and Bluetooth are not needed, turn off the Wi-Fi and Bluetooth functions on the phone; use mobile security software to intercept potential marketing calls based on records stored in the database.
Source: National Confidentiality Bureau Website
