What Is Sidejacking?
Originally posted to wibc.com on 04/09/2012
Submitted by a listener, from Denise Richardson (www.givemebackmycredit.com)
Identity thieves are seemingly everywhere, thinking up clever new ways to steal financial information and use it to spend money that isn’t theirs. How dare they? Sidejacking is just another one of the tactics that identity thieves use to try and gain access to your personal shopping habits and more. While sidejacking isn’t a brand new threat, it is one that many people simply are not aware of.
Sidejacking is the term used to describe what happens when someone intentionally hacks into a wireless Internet connection for the purpose of stealing personal data. The sidejacker taps into an Internet session taking place through a wireless connection to gain access to someone’s personal information. Typically, sidejackers hack into e-mail accounts and social networking sites. This means that anyone using MySpace, Facebook, YahooMail, Gmail, or HotMail is at risk of being sidejacked, especially if they use wireless connections at public hotspots.
The sidejacker does not gain access to your specific username and password, but he does obtain the unencrypted session ID that is transmitted over the wireless connection from the website back to you. If the hacker gains access to the session ID, then he can enter the session and gain access to most of the information in your account. If you are like most people, you might be getting a little bit nervous knowing that someone else could be reading your e-mails at the same time that you are reading them in the airport lobby.
There are instances when your personal information is at greater risk of being obtained by hackers who use sidejacking. If you visit a website that does not encrypt your username or password, the sidejacker will be able to gain access to both of those. Also, if you list important information such as a credit card number, password, or your social security number in one of your e-mails, then a sidejacker can read it and use it later for malicious reasons.
Sidejackers often use public hot spots to try and access a wireless connection for the purpose of stealing this information. Common public hotspots include coffee shops, cyber cafes, corporate offices, airports of all sizes, hotels featuring wireless connections. Of course, sidejackers will take advantage of almost any location that affords them the opportunity to hack into and take someone’s personal identity and information. This might include certain personal home networks that are open to access from the street and sidejackers can easily set up outside for the same reason.
The good news, if it can be considered good news, is that your computer is not more vulnerable than it was prior to being sidejacked. After all, your computer hasn’t been attacked with malicious spyware. It is your wireless Internet transaction or session that has been hacked into. This fact probably gives you small comfort, but nonetheless, at least you don’t have to worry needlessly that someone has access to every piece of data that you have stored on your computer.
Consumers surfing the Internet at home can protect themselves by checking into the security features of their wireless router. While most routers come with security features enabled into them, some routers allow their users to set up more advanced security features.
Additionally, you can protect yourself by avoiding public hotspots when surfing the Internet. Remember that using websites that feature “https” provides a measure of security that protects your data.
Alternatively, you can avoid signing into important accounts such as your bank and e-mail accounts. Even though these types of accounts are typically secure, requiring a username and password login, this measure of security can be lost once a sidejacker has hacked into the wireless session. If this happens, the sidejacker has access to your log in information and can gain access to whatever information is posted at that time.
You also have the option to install a hotspot shield onto your laptop if you are one of those individuals who uses public hotspots frequently. Hotspot shields are designed to hide the IP address while protecting you from potential hackers. Read several reviews and see if you can get a personal recommendation from someone you trust before making the purchase. The best strategy that you can use to protect yourself against sidejacking is to practice vigilance at all times when it comes to surfing the net securely. And if you are like many of us who may be a bit tech challenged, hire a computer security expert to help ensure your computer and wireless access points are secure.