The FBI has reported that users of ‘out-of-home-WiFi’ (free-WiFi hotspots, hotel WiFi, etc.) have become infected with malware, while upgrading ‘a widely used software product’.

http://www.fbi.gov/scams-safety/e-scams

The original report states :

“Recently, there have been instances of travelers’ laptops being infected with malicious software while using hotel Internet connections. In these instances, the traveler was attempting to set up the hotel room Internet connection and was presented with a pop-up window notifying the user to update a widely used software product. If the user clicked to accept and install the update, malicious software was installed on the laptop. The pop-up window appeared to be offering a routine update to a legitimate software product for which updates are frequently available.”

Even though the software product is not mentioned by name, it is good to inform you that one of the most common software products using this type of upgrades is Adobe Flash… so watch out when upgrading Adobe Flash (and any other software upgrade that is offered) when you are not on your own private WiFi-network.

So… here are some useful guidelines regarding software updates while traveling :

1- if you can do without upgrading, don’t upgrade while traveling ; wait until you’re back home on your own trusted WiFi-network

2- if you really need to upgrade, take these precautions : when you are prompted to upgrade any software while on an ‘out-of-home-WiFi’-network, click to close the pop-up window that is urging you to upgrade. Then either use OSX’s built-in “Software Update…” feature, or open the (Mac) App Store to download your updates from there, or manually type the URL of the known software-maker and download the software update directly form their site (after having double checked that your installed version is not the latest one).

Note : in the case of of the Adobe Flash browser plugin, the software-maker’s website is Adobe.com