Hacking Wi-Fi is child's play

The great Groucho Marx, in character, was reading a report and remarked that a 4-year-old child could understand it. So, he said, "run out and find me a 4-year-old child."

Betsy Davis isn't 4. She's 7, but it's still pretty impressive that a computer-savvy 7 year old could Google the information she needed in order to hack into a public Wi-Fi system in a little under 11 minutes. Fortunately, Betsy is not a criminal hacker, but was enlisted as a part of a security experiment to show how easy it is to hack into such network and steal information from unwary people.

Whether you're at an airport, hotel, mall, coffee shop or almost anywhere else, you will usually find free Wi-Fi service that conveniently connects you to the Internet. However, with this convenience comes danger.

Many people assume that the Wi-Fi that they're using is secure, but this isn't always the case. In fact, identity thieves often go the same coffee shop or other venue where free Wi-Fi is provided to set up their own Wi-Fi, which is what you may unwittingly be tapping into. .

Technologically, it's easy to set up a phony Wi-Fi that can capture all of the information contained in your smartphone, laptop or tablet and use it to make you a victim of identity theft. Furthermore, even if you're not using an identity thief's Wi-Fi, you may be using an insecure system susceptible to being hacked..

Not long ago, security company Kaspersky Lab exposed a targeted threat against high-level government and business leaders staying in upscale hotels.

The attack starts with a breach of the particular hotel's Wi-Fi network and the installation of malware even before the targeted guest arrives at the hotel. When the hotel guest connects to the hotel's Wi-Fi system by logging in using his last name and room number, the hackers are alerted. They then send a pop-up alert regarding a necessary software update that needs to clicked on and downloaded. The pop-up looks legitimate.

In this particular group of targeted attacks, which Kaspersky labeled "Darkhotel," the pop-up was an update to Adobe Flash player, although it could be an update for any other program. When the unwary victim clicks on the link, he or she downloads malware that enables the hacker to steal information from the victim's laptop or other device. In this case, the information sought was for corporate espionage, but others using the same tactic could just as well use it to gather personal information for purposes of identity theft.

So what can you do?

You can never be sure of the security of Wi-Fi regardless of where it is. It's important to be skeptical

When an update is offered by way of a pop-up, you're better off accessing the update through the website of the company after you confirm that it's legitimate.

Basic safety precautions you should take before using public Wi-Fi also include equipping whatever device you're using with an updated Firewall, anti-virus and anti-malware security software and a program to encrypt your data. Also, go to your settings before using public Wi-Fi and turn off sharing.

Finally, you may wish to consider using a Virtual Private Network (VPN), which enables you to send your communications through a separate and secure private network, totally encrypted, while you're on a public network. There are a number of good, free VPNs, including CyberGhost (www.cyberghostvpn.com/en_us).

Steve Weisman is a lawyer, a professor at Bentley University and one of the country's leading experts in scams and identity theft. He writes the blog www.scamicide.com and his latest book is "Identity Theft Alert."