A stark warning has been issued around the use of public Wi-Fi after a mum lost thousands of pounds in a cruel scam. Leanne Cherrie, 36, was left heartbroken after crooks accessed her email before draining her bank account.
Included in the cash taken was money her 10-year-old son had inherited following the death of his dad – and the mum, from Dalkeith, is certain the fraudsters stole her details when the youngster was connected to the internet in public places.
Experts at Strathclyde University in Glasgow have now warned cybercriminals often target public Wi-Fi to steal confidential information from unsuspecting users. A spokesperson said: “Free Wi-Fi in hotels, restaurants, and coffee shops may seem convenient, but using public hotspots can make you an easy target for hackers.
“Data passing over a public Wi-Fi network is often unencrypted. A ‘man-in-the-middle’ attack is when a hacker intercepts the data travelling between your device and the Wi-Fi router. This makes it possible to steal confidential information, such as passwords or credit card details and It leaves you vulnerable to identity theft and fraud. The software used to snoop on unencrypted network traffic is readily available on the internet.”
A scam Instagram post posted on Leanne’s account
They continued: “Users also need to beware of rogue hotspots. This is when cybercriminals set up a Wi-Fi point, usually with a name very similar to the legitimate hotspot. This tricks people into connecting to their network. If you connect to the rogue hotspot, the hacker can intercept your data or inject malware into your device.”
Leanne said her nightmare began on January 2 when she woke to messages from friends warning her about strange activity on her Facebook page. She immediately contacted the police, and her bank accounts were frozen – but while inquiries into the fraud are ongoing, her bank have not yet confirmed whether she will be able to recoup the money she lost.
Leanne said: “I realised I couldn’t access any of my accounts and I went into a panic. They said my email address didn’t match my accounts. Then I realised my bank account had been wiped and I’d lost everything, including my wee boy’s money after his dad died.
“My son regularly uses my phone when we’re out and about on public WiFi. Police told me hackers just watch for people on open networks. They got into my email, found my password and then managed to access all my other accounts because I used similar passwords for everything.”
Get the latest news sent straight to your messages by joining our WhatsApp community today.
You’ll receive daily updates on breaking news as well as the top headlines across Scotland.
No one will be able to see who is signed up and no one can send messages except the Daily Record team.
All you have to do is click here if you’re on mobile, select ‘Join Community’ and you’re in!
If you’re on a desktop, simply scan the QR code above with your phone and click ‘Join Community’.
We also treat our community members to special offers, promotions, and adverts from us and our partners. If you don’t like our community, you can check out any time you like.
To leave our community click on the name at the top of your screen and choose ‘exit group’.
If you’re curious, you can read our Privacy Notice.
Leanne described her ordeal as a “living nightmare” and has been left with just 33p in her account as cops probe the incident.
Deputy Head of Action Fraud, Steve Proffitt, warned: “There is no doubt that people face risk when they connect to a public Wi-Fi network. It is important that people consider what they use public Wi-Fi for and are aware that there are cyber criminals that will use every opportunity to infiltrate networks in order to gather personal and financial details”.
A Police Scotland spokesperson said: “On Friday, January 3 2025, police in Dalkeith received a report of a woman’s social media and bank accounts being hacked and money stolen. Inquiries are ongoing.”
Top tips to avoid being scammed while on public Wi-Fi hotspots:
- Make sure any website you are using has a secure HTTPS connection. The full web address (URL) should begin with HTTPS rather than HTTP, which is not encrypted.
- Avoid using password-protected websites that contain sensitive information, like online banking, email and social media. If you do want to access these services, it’s better to use your mobile phone network instead of public Wi-Fi.
- Be aware of rogue hotspots, often with names very similar to authentic public Wi-Fi networks. Take the time to check you are connecting to a legitimate network. If in doubt, ask an employee at the location to verify the correct name of the Wi-Fi point.
- Set your mobile device to ‘ask’ before it connects to a Wi-Fi network, rather than automatically connecting to an available network. Hackers can easily spoof a Wi-Fi network’s broadcast name. Check your settings to make sure the device asks first. This will allow you to make a decision about whether it’s safe to connect or not.
- Apply software updates and use anti-virus to reduce the risk of being infected by viruses or malware when using unsecured public Wi-Fi.
- Consider using a virtual private network (VPN) if you regularly work with confidential information whilst on the move. VPN software protects you by encrypting all your network traffic.
Don’t miss the latest news from around Scotland and beyond – Sign up to our daily newsletter here.