Cyber-Security in Public Places: Secure Practices for using an Email Client

Cyber-Security in Public Places: Secure Practices for using an Email Client

This research investigates into how a hacker could lure wireless users to connect to his wireless access point (WAP) in public places where public Wi-Fi services are expected to be available. We first show how the unsuspecting users can be made to believe that they are connecting to a particular institution's W AP. It then shows how the hacker can route all email traffic to his/her own mail server. In the process of trying to download e-mails for their owners, e-mail clients send out authentication credentials such as username and password. This research shows how this credential information is exposed to the fake email server setup by the hacker. The project then shows how users can protect against such attacks.