The Sophos app on my android phone gave me a security warning saying that:
Suspicious WiFi connection detected
We’ve detected suspicious behaviour on your WiFi Connection. This might be caused by a public network requiring authentication. In this case, open your browser to sign in.
I have reset my home Wifi password but I still keep getting the same message. Can someone advise what I should do?
Hi Jane S,
Thank you for reaching out. After clicking on the notification, does it show the details of the Wi-Fi connection? If it does, please share a snapshot.
For initial troubleshooting, you can run a quick network check. On the dashboard, go to Network Security > Wi-Fi Security > and tap Check Wi-Fi.
I would also like to confirm a few details:
1. Is there another network you could connect to? If there is, is the issue happening with all networks?2. On your Android phone, if you haven't already, please disconnect from your Wi-Fi network, "Forget" the network, and then reconnect to it. See if the error shows up again.
Let us know how it goes. Thank you.
Thank you for getting back to me.
Yes, it shows the details of the wifi connection. Below is a snapshot.
1. Yes, there is another network that l connected too but no issues are showing up on the other network. Only the home wifi.
2. Yes, l did the 'forget' network about 10 times and still get the error again.
Is my wifi network at risk or is it a bug in the app?
Any further assistance is greatly appreciated.
Thank you for sharing the details. In this case, we'll need to look at the logs so we can further analyze what's causing this issue.
Kindly refer to this article on how to get Sophos Mobile logs on a device - docs.sophos.com/.../GetClientLogs.html
On the part where you have to enter an email address or a recipient, you may enter your own email address, then share us the logs via PM, Google Drive or OneDrive.
Once l obtain the logs how do l share them via a PM, Google drive or One Drive as you have suggested. Do you have an article l can follow on how to do this?
I have reached out to you via PM regarding the gathering of logs. Kindly check your messages.
Thank you for collecting and sharing the logs.
The Intercept X Mobile app performs a number of checks when you run the Wi-Fi security check. The results from the logs you provided show:
isOnline: trueisConnectedToWifi: trueisConnectedToMobile: falseisRedirection: falseisPinningError: trueisCaptivePortal: falseisCaptivePortalSafe: falsewrongDnsLookup: falseisSslStripping: falseisArpSpoofed: falseisNotRedirectingToHttps: falsednsRedirect: falseisUnsecureContentInSecureSite: false
During this check the certificates stored in the Intercept X Mobile application are checked against a few websites. If these checks fail, this error may come up. In a home-network however, this is not unexpected. If you wish to investigate further, I recommend checking if your network router/modem has any security features that are affecting the results you're seeing.
You can also try testing with another device to verify if the issue is with the router, or with your mobile device specifically. In general, for a home network, this error does not always mean that you are compromised.
Thank you. I have tested with another device and the issue didn't occur. It only seems to occur with my device. Does that mean that my device has been compromised?
In some cases, uninstalling and reinstalling the Intercept X Mobile application will also resolve the issue. Let me know if this works for you.