Picture this… It’s Saturday afternoon and you’re hanging out at the mall waiting to see a movie at the Cinema located in the mall complex. It is not yet your viewing time, so you decided to use the free Wi-Fi at the mall to catch up on a few tasks you couldn’t quite get to during your busy week. Sounds familiar? This is a typical scenario for many of us, but did you know you might be unaware of some threats lurking in the background on public Wi-Fi while you balance your bank account, complementing your wait time with a bottle of chilled Coca-cola?
What is public Wi-Fi?
Public Wi-Fi can be found in popular public places like airports, coffee shops, malls, restaurants, and hotels — and it allows you to access the Internet for free. These “Hotspots” are so widespread and common that people frequently connect to them without thinking twice. Although it sounds harmless to log on and check your social media account or browse some news articles, everyday activities that require a login — like reading e-mail or checking your bank account — could be risky business on public Wi-Fi.
What are the Risks of Public Wi-Fi?
The problem with public Wi-Fi is that there are a tremendous number of risks that go along with these networks. While business owners may believe they are providing a valuable service to their customers, chances are the Security on these networks is lax or nonexistent.
One of the most common threats on these networks is called a Man-in-the-middle (MitM) attack. Essentially, a MitM attack is a form of eavesdropping. When a computer makes a connection to the Internet, data is sent from point A (computer) to point B (service/website), and vulnerabilities can allow an attacker to get in between these transmissions and “read” them. So what you thought was private no longer is.
Encryption means that the information that is sent between your computer and the wireless router is in the form of a “Secret Code”….so that it cannot be read by anyone who doesn’t have the key to decipher the code. Most routers are shipped from the factory with encryption turned off by default, and they must be turned on when the network is set up. If an IT professional sets up the network, then chances are good that encryption has been enabled. However, there is no surefire way to tell if this has happened.
Thanks to Software vulnerabilities, there are also ways that attackers can slip malware onto your computer without you even knowing. A software vulnerability is a security hole or weakness found in an Operating System or Software program. Hackers can exploit this weakness by writing code to target a specific vulnerability, and then inject the malware onto your device.
Snooping and Sniffing
Wi-Fi snooping and sniffing is what it sounds like. Cybercriminals can buy special software kits and even devices to help assist them with eavesdropping on Wi-Fi signals. This technique can allow the attackers to access everything that you are doing online — from viewing whole webpages you have visited (including any information you may have filled out while visiting that webpage) to being able to capture your login credentials, and even hijack your accounts.
This “rogue access points” trick victims into connecting to what they think is a legitimate network because the name sounds reputable. Say you’re staying at the Radisson Blu Hotel and want to connect to the Hotel’s Wi-Fi. You may think you’re selecting the correct one when you click on “Radisson Blu”….but you haven’t. Instead, you’ve just connected to a rogue hotspot set up by Cybercriminals who can now view your sensitive information.
How to stay safe on public Wi-Fi
The best way to know your information is safe while using public Wi-Fi is to use a virtual private network (VPN), when surfing on your PC, Mac, Smartphone, or Tablet. However, if you must use public Wi-Fi, follow these tips to protect your information.
- Allow your Wi-Fi to auto-connect to networks
- Log into any account via an app that contains sensitive information. Go to the website instead and verify it uses HTTPS before logging in
- Leave your Wi-Fi or Bluetooth on if you are not using them
- Access websites that hold your sensitive information, such as financial or healthcare accounts
- Log onto a network that isn’t password protected
- Disable file sharing
- Only visit sites using HTTPS
- Log out of accounts when done using them
- Use a VPN to make sure your public Wi-Fi connections are made private
The popular acronym…Wi-Fi stands for Wireless Fidelity. At one point or another, we all desire to enjoy free internet services without having to worry about data usage. However, it is worth noting that some of these free internet services are a game of Tit for Tat. Do not fall into the trap of free Wi-Fi unknown to you…giving out your birthright in exchange for a bowl of porridge.