IMPORTANT! This is MoneySavingExpert's open forum - anyone can post

Please exercise caution & report any spam, illegal, offensive, racist, libellous post to forumteam@moneysavingexpert.com

  • Be nice to all MoneySavers
  • All the best tips go in the MoneySavingExpert weekly email

    Plus all the new guides, deals & loopholes

  • No spam/referral links
or Login with Facebook
BT Fon not secure?
Closed Thread
Views: 2,824
Thread Tools Search this Thread Display Modes
# 1
YORKSHIRELASS
Old 14-08-2011, 8:27 PM
Fantastically Fervent MoneySaving Super Fan
 
Join Date: May 2009
Posts: 2,264
Default BT Fon not secure?

Hi all

Hoping someone can help us with this. We were away on holiday last week. The kids took their IPods and we went on the internet a few times through BT Fon wifi.

When we came back we found that my husbands e-mail address had been sending junk e-mails to contacts in his address book. This was nothing to do with our home PC as it was switched off and the e-mails didnt show in the sent folder on his mailbox. We use a BT mail address.

We can only assume that this is something to do with us using BT Fon while we were away. We have changed all our passwords and no more emails have been sent but it has made us nervous about using wifi in future. Has anyone else had the same problem? Is there anything else we should do?
YORKSHIRELASS is offline
Report Post
# 2
fwor
Old 14-08-2011, 9:11 PM
Fantastically Fervent MoneySaving Super Fan
 
Join Date: Jun 2007
Posts: 5,589
Default

It's possible that it was just coincidence that it happened while you were away.

But it's also a possible cause. The issue for FON - unlike other wifi hotspot operators - is that at least a proportion of their hotspots operate from people's homes. In those situations it is possible for people to tamper with the firmware on the FON router - or to tap into the connections to the router - without being detected.

However, I really don't rate it as something to worry about a great deal. Few people have the skills to do something like that, and of the few that do, very few would have the motivation.

As a precaution, for any online service that you used via FON while away that needed username and password, you should change the password. It's probably overkill, because any login page of any importance will use Secure Sockets Layer (signified by the page starting with https://) which is still quite a tough one to crack...
fwor is offline
Report Post
# 3
kwikbreaks
Old 15-08-2011, 8:46 AM
Fantastically Fervent MoneySaving Super Fan
 
Join Date: Sep 2006
Location: Usually on planet Earth
Posts: 6,535
Default

Quote:
Originally Posted by fwor View Post
Few people have the skills to do something like that, and of the few that do, very few would have the motivation.
It doesn't take a lot of skill to set an AP SSID to FON and put up a fake FON landing page.

I haven't heard of this being done but thinking about it it would be a very simple way to cream off lots of login credentials for all sorts on things.

Maybe the email hack is a coincidence or maybe it isn't. I'd certainly be inclined to go for a password changing exercise on everything I accessed through FON.
My laptop keyboard keeps missing spaces. Sorry.
kwikbreaks is online now
Report Post
# 4
YORKSHIRELASS
Old 15-08-2011, 9:10 AM
Fantastically Fervent MoneySaving Super Fan
 
Join Date: May 2009
Posts: 2,264
Default

Thanks for the replies. Luckily we didnt really go on anything other than news/weather sites so no real worries there.

It has made us a bit more wary about using BT Fon though. I think if I needed to access anything secure I would be changing the password regularly just to be sure.

My poor hubby has been getting loads of phone calls all weekend from people telling him his email has been sending random messages!! Other than that there doesnt seem to be any harm done.
YORKSHIRELASS is offline
Report Post
# 5
HappyMJ
Old 15-08-2011, 9:14 AM
Deliciously Dedicated Diehard MoneySaving Devotee
 
Join Date: Oct 2007
Location: East Midlands
Posts: 13,567
Default

Do not ever access anything personal on open wifi networks.... NEVER... As above it is easy to rename access point to BT FON or even just "Free Wi-Fi" then simply take a copy of all usernames and passwords sent over the network. If you absolutely must access anything with a password then set up a VPN to your home P.C or somewhere else so that your usernames and passwords will be sent over an encrypted connection.

Edit: Then why blame the open wi-fi if all you accessed was the news and weather. Are you sure you didn't read any emails or send your email address in any form. Maybe filled out a competition?
HappyMJ is offline
Report Post
Closed Thread

Bookmarks
 
 




Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

 Forum Jump  

Contact Us - MoneySavingExpert.com - Archive - Privacy Statement - Top

Powered by vBulletin® Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.

All times are GMT +1. The time now is 9:27 AM.

 Forum Jump  

Free MoneySaving Email

Top deals: Week of 01 October 2014

Get all this & more in MoneySavingExpert's weekly email full of guides, vouchers and Deals

GET THIS FREE WEEKLY EMAIL Full of deals, guides & it's spam free

Latest News & Blogs

Martin's Twitter Feed

profile
  • Engaged and bought a house? Heaven forbid one of you died, without a will your share would go to their relatives not you. #Willfact
  • Free wills http://t.co/ST6uxNt7fe (and key warning unless you have one, if you just cohabit, not married/civ part - your partner gets nowt)
  • On my way to @GMB for my 7:40 Deals Of The Week slot. Today Inc free wills, no fee debt shift, free greggs and national citizen service week

Cheap Travel Money

Find the best online rate for holiday cash with MSE's TravelMoneyMax.

Find the best online rate for your holiday cash with MoneySavingExpert's TravelMoneyMax.

TuneChecker Top Albums

  • ED SHEERANX (DELUXE EDITION)
  • ALT-JTHIS IS ALL YOURS
  • SAM SMITHIN THE LONELY HOUR (DELUXE EDITION)

MSE's Twitter Feed

profile
Always remember anyone can post on the MSE forums, so it can be very different from our opinion.
We use Skimlinks and other affiliated links in some of our boards, for some of our users.