Many of the answers here answer the “what they are seeing” portion really well. However more or less all of these answers talk about public/unencrypted WiFi networks.
There are two ways to “hack WiFi”:
– Eavesdropping the communication between your device and the WiFi network.
– Pretending to be the WiFi network and making your device communicate directly with the hacker.
Eavesdropping works with unencrypted communication. Encrypted WiFi or encrypted communication (HTTPS) both defeat this to large extent (there are still things a hacker might learn on unencrypted WiFi, but if you are using HTTPS to read your e-mail, the hacker should not be able to read those).
However if the hacker manages to trick your device into connecting to their WiFi network, they can now start messing with the communication in other ways as well. Not only can they achieve everything they could do previously by eavesdropping the communication, they can now also change it. They might try to change an encrypted connection in ways that makes it easier for them to break the encryption, they might completely alter the pages that you are seeing over unencrypted connection or they might even try to instruct your installed applications to do something the applications normally wouldn’t do such as “send all local files to us” or “install this totally-not-a-virus on the device”.
The scary thing is how easy it is to have your device connect to a hacker’s WiFi network. If you have your phone set to connect automatically to your HomeWiFi, CoffeeShopWLAN and UniversityWireless, it will keep calling for those when you are walking down the street. Essentially it will keep yelling “Is MyHomeWifi, CoffeeShopWLAN or UniversityWireless around?” the whole time WiFi is on and it’s not connected to a network. At this point the hacker can just listen for those calls and then start advertising their own WiFi network as “MyHomeWifi” for example. Your phone can’t tell the difference and will happily connect to the hacker’s network.
(At least few years back the devices didn’t even check if the original network had been encrypted and the new network is now unencrypted. Not sure if this has changed in the last few years.)
Latest Answers