This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Suspicious WiFi connection detected

The Sophos app on my android phone gave me a security warning saying that:

Suspicious WiFi connection detected

We’ve detected suspicious behaviour on your WiFi Connection. This might be caused by a public network requiring authentication. In this case, open your browser to sign in.

I have reset my home Wifi password but I still keep getting the same message. Can someone advise what I should do? 



This thread was automatically locked due to age.
  • Hi Jane S,

    Thank you for reaching out. After clicking on the notification, does it show the details of the Wi-Fi connection? If it does, please share a snapshot.

    For initial troubleshooting, you can run a quick network check. On the dashboard, go to Network Security > Wi-Fi Security > and tap Check Wi-Fi.

    I would also like to confirm a few details:

    1. Is there another network you could connect to? If there is, is the issue happening with all networks?
    2. On your Android phone, if you haven't already, please disconnect from your Wi-Fi network, "Forget" the network, and then reconnect to it. See if the error shows up again.

    Let us know how it goes. Thank you.

    Gladys Reyes
    Global Community Support Engineer
    Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hi Gladys, 

    Thank you for getting back to me.

    Yes, it shows the details of the wifi connection. Below is a snapshot.

    1. Yes, there is another network that l connected too but no issues are showing up on the other network. Only the home wifi.

    2. Yes, l did the 'forget' network about 10 times and still get the error again.

    Is my wifi network at risk or is it a bug in the app?

    Any further assistance is greatly appreciated.

    Jane

  • Hi Jane S,

    Thank you for sharing the details. In this case, we'll need to look at the logs so we can further analyze what's causing this issue.

    Kindly refer to this article on how to get Sophos Mobile logs on a device - docs.sophos.com/.../GetClientLogs.html

    On the part where you have to enter an email address or a recipient, you may enter your own email address, then share us the logs via PM, Google Drive or OneDrive.

    Thank you!

    Gladys Reyes
    Global Community Support Engineer
    Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Thanks Gladys.

    Once l obtain the logs how do l share them via a PM, Google drive or One Drive as you have suggested. Do you have an article l can follow on how to do this?

  • Hi Jane S,

    I have reached out to you via PM regarding the gathering of logs. Kindly check your messages.

    Thank you.

    Gladys Reyes
    Global Community Support Engineer
    Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hi Jane S,

    Thank you for collecting and sharing the logs.

    The Intercept X Mobile app performs a number of checks when you run the Wi-Fi security check. The results from the logs you provided show:

    isOnline: true
    isConnectedToWifi: true
    isConnectedToMobile: false
    isRedirection: false
    isPinningError: true
    isCaptivePortal: false
    isCaptivePortalSafe: false
    wrongDnsLookup: false
    isSslStripping: false
    isArpSpoofed: false
    isNotRedirectingToHttps: false
    dnsRedirect: false
    isUnsecureContentInSecureSite: false

    During this check the certificates stored in the Intercept X Mobile application are checked against a few websites. If these checks fail, this error may come up. In a home-network however, this is not unexpected. If you wish to investigate further, I recommend checking if your network router/modem has any security features that are affecting the results you're seeing.

    You can also try testing with another device to verify if the issue is with the router, or with your mobile device specifically. In general, for a home network, this error does not always mean that you are compromised.

    Gladys Reyes
    Global Community Support Engineer
    Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hi Gladys,

    Thank you. I have tested with another device and the issue didn't occur. It only seems to occur with my device. Does that mean that my device has been compromised?

    Jane

  • In some cases, uninstalling and reinstalling the Intercept X Mobile application will also resolve the issue. Let me know if this works for you.

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids