FBI Issues Warning to Travelers
Fraudsters Exploit Hotel Internet Connections to Spread MalwareThe U.S. Federal Bureau of Investigation warns of fraudsters who are targeting travelers through hotel Internet connections. The scheme involves pop-up windows through which fraudsters trick travelers into installing bogus software updates on their computer. The "updates" are really malware installations.
See Also: New OnDemand | Cyber Risk Graph: Solving the Data Problem of Proactive Security
In a May 21 memo, the FBI describes recent incidents of travelers' laptops being infected with malicious software while using hotel Internet connections.
"In these instances, the traveler was attempting to set up the hotel room Internet connection and was presented with a pop-up window notifying the user to update a widely used software product," the FBI memo says. "If the user clicked to accept and install the update, malicious software was installed on the laptop. The pop-up window appeared to be offering a routine update to a legitimate software product for which updates are frequently available."
Once installed, the malware can be used by the fraudsters to steal personal data, including identity credentials, financial account log-ins and passwords - all elements of identity theft.
The FBI recommends that those who travel, especially government, private industry and academic personnel, should:
- Take extra caution before updating software products through a hotel Internet connection;
- Check the author or digital certificate of any prompted update to see if it corresponds to the software vendor;
- Perform any software updates immediately before traveling;
- Download software updates directly from the vendor's website if updates are necessary while traveling.
Anyone victimized by fraudsters as described above should contact a local FBI office immediately and report the incident to the Internet Crime Complaint Center's website.