A 44-year-old man has been handed a seven-year jail sentence after pleading guilty to stealing images and personal data from women via “evil twin” Wi-Fi networks.
The man was sentenced in Perth District Court on Friday after being caught red-handed following an interstate flight to the Western Australia capital last year.
Australian Federal Police (AFP) officers apparently searched the man’s hand luggage after airline staff reported a suspicious lookalike Wi-Fi network on the plane which mimicked a legitimate access point.
They found a portable wireless access device (aka a “Wi-Fi Pineapple”) alongside a laptop and mobile phone. Wi-Fi Pineapples are typically used for pen testing, capturing user data as it travels from devices to the internet.
The man apparently tricked victims into connecting to his malicious access point, where they were diverted to phishing pages to have their credentials harvested.
Forensic analysis at the AFP identified thousands of intimate images and videos, as well as credentials belonging to his victims, alongside records of fraudulent Wi-Fi pages. It’s believed the man harvested this information from victims’ social media accounts.
Read more on fake Wi-Fi: Cybercriminals Hack UK Rail Network Wi-Fi.
AFP investigators identified evidence of malicious Wi-Fi pages at airports in Perth, Melbourne and Adelaide as well as on domestic flights, the police force said.
The man also tried to access online meetings between his employer and the AFP about the investigation shortly after he was apprehended. A day after his arrest, he deleted 1752 items from a data storage account and unsuccessfully tried to remotely wipe his mobile phone, the AFP added.
Wi-Fi Users Told to Be Vigilant
AFP commander Renee Colley urged internet users to exercise caution when connecting to free Wi-Fi in public places, instructing them to switch off Wi-Fi on devices to prevent them automatically connecting to hotspots.
“A network that requests your personal details – such as an email or social media account – should be avoided,” she added.
“If you do want to use public Wi-Fi, ensure your devices are equipped with a reputable virtual private network (VPN) to encrypt and secure your data. Disable file sharing, don’t use things like online banking while connected to public Wi-Fi and, once you disconnect, change your device settings to ‘forget network’.”