Packet Sniffing. How the Bad Guys Spy On Your Data Online
Hackers and others maybe utilizing "packet sniffing" to read your personal data
You'll often hear that you should be careful when using the Internet, because you never know who's spying on us. Indeed, there are some Internet gurus out there (more than you might think) who are convinced that most Internet Service Providers (ISPs), the ones who connect us to the Internet at home, are watching everything that we're doing—or at least everything that all their customers are doing—and sharing that data with others.
You'll find articles on our WhatIsMyIPaddress.com telling you to be careful whenever you're online using free Wi-Fi at malls and hotels.
But just how would someone go about spying on us 1) without our knowledge, 2) without getting caught and 3) without getting detected by our ISP, a network administrator or our employer's IT department?
Packet sniffing. Putting their nose in your Internet.
Skilled Internet eavesdroppers use a technique called packet sniffing, which allows them to monitor all your activity without your knowledge or approval.
If you've seen any kind of crime/police show, you've heard the police or FBI talk about wiretapping phone calls, which they must get a court order to do.
Packet sniffing on networks (and the Internet) is like wiretapping phone lines.
Someone who is packet-sniffing as your data passes by them may be able to do all the following:
- Read all your emails
- See all your passwords
- Know what websites you have visited
- See all the images from the websites you were on
- Capture account information (banks, credit cards) in detail
In all instances, the victims/targeted users don't know their communications have been tapped and compromised and that they're sharing their private information with a person, or a group of intruders.
Why is it called packet sniffing?
It's strictly a technical explanation.
Whenever you send any kind of "data transmission" over the Internet—whether it's an email, Google Search or shopping transaction—your information is broken down into digital information that is sent in data packets. These data packets are handled with precision by your computer and network, and are labeled and addressed with instructions explaining where they're going. It all works perfectly, and each data packet, and millions of others, go back and forth between destinations instantly and without interruption.
However, if someone has installed specialized hardware or software somewhere on the network,
they can catch that data in mid-transmission long enough to sniff it (inspect it) and, if it's interesting, capture it, copy it, and then send it along its destination...without anyone knowing about it.
Here's the interesting part of it all. Packet sniffing is used by bad guys, hackers and online thieves, as well as, the good guys, security experts and network administrators. For example, companies will monitor their networks to ensure that their employees aren't visiting objectionable websites (which could load malware) or performing other illegal activities at work.
The good of it.
Packet sniffing for business is an important part of maintaining a safe, efficient and reliable company network. Network administrators use packet sniffing as a diagnostic tool to perform tests on the network, monitor activity and troubleshoot any network problems. They will use commercial/professional packet-sniffing software and hardware devices to monitor the traffic on their network.
They'll also use packet sniffing to help them detect if hackers have broken into their networks.
The bad of it.
Hackers, on the other hand use packet-sniffing software (which is available free online!) to break into company networks and steal data. With it, they are virtually able to eavesdrop on any unencrypted information that's being exchanged between computers and traveling on a network.
Let's be clear. Packet sniffers aren't not reading our data for laughs, like some busybody who reads someone's personal diary for the thrill of it. They steal passwords, account numbers, Social Security Numbers and more.
They're out to do steal money or ruin an organization's or individuals reputation.
They also can learn intimate details about the networks they've invaded, and start to plan a bigger attack for the future.
Sniffing on free Wi-Fi.
Packet sniffing is the method a hacker would use to capture information from a wireless network that wasn't secured, such as one at coffeehouse, airport, mall or hotel.
If you're not aware of it already, most locations that offer free Wi-Fi do not guarantee a safe, secure network.
Keep their nose out of your business.
You want to make sure you're doing what you can to keep packet-sniffers from getting hold of your data. Here are the simplest tips you can follow to keep your private and precious data away from nosey online crooks:
- Use "https"-encrypted websites. Look up at the address bar of the website you're on now, and every time you're online. If you see an icon of a lock and https:// in the address bar, you're connected to a secure website.
When that's the case, all your transmissions, back and forth, are encrypted and can't be read by a hacker. Even if he were to sniff out the data, it would be unreadable.
- Use a VPN. A Virtual Private Network routes all your Internet activity through an encrypted network that a hacker can't invade and snoopers can't trace. This is the best way to be online in public, whether you're traveling, running a household, holed up in a hotel room on business, and more. Not only that, but a VPN also hides your actual IP address from anyone who might try to track it and trace it back to your computer.
To use a VPN, you first have to choose an online VPN provider and open an account. The better ones are the services you pay for.
Go here to learn more about hiding your IP address.
So, should you avoid using free Wi-Fi next time you're out and about? No.
But you should be aware that it's possible for someone to be using packet sniffing to see who's doing what online. If that makes you feel uncomfortable, good! It means you'll likely take steps to stay safer online, which is the right thing to do.