ResultQuest was recently contacted by a CEO client who requested assistance in determining the source of a spoofed email in which he directed his corporate accounts payable clerk to wire money to a certain account to pay a vendor. Of course, the email was bogus, but it was formatted and worded in a way that made it appear genuine. Fortunately, the payables clerk contacted the CEO for verification and the fraud was averted.
Our specialist determined that the header of the email was completely fabricated, suggesting a significant level of expertise, and it had characteristics suggesting Nigerian actors. However, the question remained as to how closely held company information had been acquired.
A discussion with the CEO revealed that he had recently accessed the Wi-Fi to check his email on an airline fight, during which time he had noticed "some weird messages" that popped up. Although convenient, especially on long trips, in-flight Wi-Fi provides a target-rich environment for a hacker to gain access to your data, which is probably what had occurred with the CEO. This is especially true for those who lack proper encryption and strong passwords.
In their efforts to make in-flight networks widely accessible, thereby maximizing profits, the providers have intentionally minimized the security layers. This is not to say that aircraft Wi-Fi should never be used. There are means by which risk can be minimized, such as the use of a suitable firewall, deactivation of any sharing services, and close scrutiny of all security certificates. Also, many experts recommend avoidance of the old POP/SMTP email protocol. Moreover, utilizing a virtual private network (VPN) is a good move.
You could also just do things the old fashion way by leaving the Wi-Fi off and working off line. You might also read a book or, heaven forbid, engage your in-flight neighbor in conversation.
For more advice, or to speak at length with an authority on secure electronic communications, call the professionals of ResultQuest at 713-781-9040.