IMPORTANT! This is MoneySavingExpert's open forum - anyone can post

Please exercise caution & report any spam, illegal, offensive, racist, libellous post to

  • Be nice to all MoneySavers
  • All the best tips go in the MoneySavingExpert weekly email

    Plus all the new guides, deals & loopholes

  • No spam/referral links
or Login with Facebook
BT Fon not secure?
Closed Thread
Views: 3,684
Thread Tools Search this Thread Display Modes
# 1
Old 14-08-2011, 8:27 PM
Fantastically Fervent MoneySaving Super Fan
Join Date: May 2009
Posts: 2,643
Default BT Fon not secure?

Hi all

Hoping someone can help us with this. We were away on holiday last week. The kids took their IPods and we went on the internet a few times through BT Fon wifi.

When we came back we found that my husbands e-mail address had been sending junk e-mails to contacts in his address book. This was nothing to do with our home PC as it was switched off and the e-mails didnt show in the sent folder on his mailbox. We use a BT mail address.

We can only assume that this is something to do with us using BT Fon while we were away. We have changed all our passwords and no more emails have been sent but it has made us nervous about using wifi in future. Has anyone else had the same problem? Is there anything else we should do?
Report Post
# 2
Old 14-08-2011, 9:11 PM
Fantastically Fervent MoneySaving Super Fan
Join Date: Jun 2007
Posts: 5,649

It's possible that it was just coincidence that it happened while you were away.

But it's also a possible cause. The issue for FON - unlike other wifi hotspot operators - is that at least a proportion of their hotspots operate from people's homes. In those situations it is possible for people to tamper with the firmware on the FON router - or to tap into the connections to the router - without being detected.

However, I really don't rate it as something to worry about a great deal. Few people have the skills to do something like that, and of the few that do, very few would have the motivation.

As a precaution, for any online service that you used via FON while away that needed username and password, you should change the password. It's probably overkill, because any login page of any importance will use Secure Sockets Layer (signified by the page starting with https://) which is still quite a tough one to crack...
fwor is offline
Report Post
# 3
Old 15-08-2011, 8:46 AM
Fantastically Fervent MoneySaving Super Fan
Join Date: Sep 2006
Location: Usually on planet Earth
Posts: 7,028

Originally Posted by fwor View Post
Few people have the skills to do something like that, and of the few that do, very few would have the motivation.
It doesn't take a lot of skill to set an AP SSID to FON and put up a fake FON landing page.

I haven't heard of this being done but thinking about it it would be a very simple way to cream off lots of login credentials for all sorts on things.

Maybe the email hack is a coincidence or maybe it isn't. I'd certainly be inclined to go for a password changing exercise on everything I accessed through FON.
kwikbreaks is offline
Report Post
# 4
Old 15-08-2011, 9:10 AM
Fantastically Fervent MoneySaving Super Fan
Join Date: May 2009
Posts: 2,643

Thanks for the replies. Luckily we didnt really go on anything other than news/weather sites so no real worries there.

It has made us a bit more wary about using BT Fon though. I think if I needed to access anything secure I would be changing the password regularly just to be sure.

My poor hubby has been getting loads of phone calls all weekend from people telling him his email has been sending random messages!! Other than that there doesnt seem to be any harm done.
Report Post
# 5
Old 15-08-2011, 9:14 AM
Deliciously Dedicated Diehard MoneySaving Devotee
Join Date: Oct 2007
Location: East Midlands
Posts: 13,933

Do not ever access anything personal on open wifi networks.... NEVER... As above it is easy to rename access point to BT FON or even just "Free Wi-Fi" then simply take a copy of all usernames and passwords sent over the network. If you absolutely must access anything with a password then set up a VPN to your home P.C or somewhere else so that your usernames and passwords will be sent over an encrypted connection.

Edit: Then why blame the open wi-fi if all you accessed was the news and weather. Are you sure you didn't read any emails or send your email address in any form. Maybe filled out a competition?
HappyMJ is offline
Report Post
Closed Thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

 Forum Jump  

Contact Us - - Archive - Privacy Statement - Top

Powered by vBulletin® Copyright ©2000 - 2015, Jelsoft Enterprises Ltd.

All times are GMT. The time now is 2:24 PM.

 Forum Jump  

Free MoneySaving Email

Top deals: Week of 25 March 2015

Get all this & more in MoneySavingExpert's weekly email full of guides, vouchers and Deals

GET THIS FREE WEEKLY EMAIL Full of deals, guides & it's spam free

Latest News & Blogs

Martin's Twitter Feed


Cheap Travel Money

Find the best online rate for holiday cash with MSE's TravelMoneyMax.

Find the best online rate for your holiday cash with MoneySavingExpert's TravelMoneyMax.

MSE's Twitter Feed