A Palmyra man has admitted creating free fake Wi-Fi access points to glean personal information from people who connected to them.
Michael Clapsis, 42, appeared in Perth Magistrates Court on Friday, where he pleaded guilty to 15 cyber-crime offences.
Michael Clapsis admitted creating a fake Wi-Fi.
Negotiations with prosecutors meant 31 other charges were dropped. Previous court appearances heard Clapsis was arrested after an airline employee reported concerns about a suspicious Wi-Fi network during a domestic flight in April.
Australian Federal Police searched Clapsis’ luggage and seized a portable wireless access device, a laptop and a mobile phone from his hand luggage. They also searched his Palmyra home.
He was arrested a month later, with AFP saying at the time Clapsis “used a portable wireless access device to create ‘evil twin’ free Wi-Fi networks” which he used at multiple locations to lure unsuspecting users into believing they were legitimate services.
Loading
“The AFP alleges that when people tried to connect their devices to the free Wi-Fi networks, they were taken to a fake webpage requiring them to sign in using their email or social media logins,” the AFP said.
“Those details were then allegedly saved to the man’s devices.”
Police claimed Clapsis used email and password details to access more personal information, including online communications, stored images and videos or bank details.
They said they found data used at airports in Perth, Melbourne and Adelaide, on domestic flights and at locations linked to the man’s previous employment.
On Friday, the court was told Clapsis had reached a plea deal with Commonwealth prosecutors which allowed 31 charges against him to be dropped in return for a plea of guilty to 15 others.
Those charges include failing to comply with an order, destroying evidence, stealing, possessing or controlling data intending that the data be used to commit or facilitate the commission of an offence, knowingly caused the unauthorised impairment of electronic communications and causes/intends to cause unauthorised access or modification of restricted data.
He will be back before the court in August, where a sentencing date will be set down.
Start the day with a summary of the day’s most important and interesting stories, analysis and insights. Sign up for our Morning Edition newsletter.
