Free public WiFi- whether it’s at your favorite coffee shop or public space – can seem like an oasis in our interconnected world. But major dangers exist when using public WiFi networks – dangers which can compromise your data and give hackers access to your information. Most people don’t even know they have been hacked until much later once the hacker has drained their bank accounts or changed their email and other passwords. Though using public WiFi always comes with risks, there are loads of steps you can take to protect yourself against unwanted visitors (hackers). Find out some of the dangers and how to mitigate them in this list of 25 Risks Of And Ways To Protect Yourself On Public WiFi.
Mobile apps aren't as secure
As most people access websites on a laptop or desktop, website operators have worked on integrating encryption and other protections in them first. Thus, mobile apps may not have the same amount of protections. (See #24 for a tip on how to protect yourself!)
Never use a mobile app for sensitive transactions on a public WiFi network
Since mobile apps aren’t as secure as webpages, if you have to perform sensitive operations (like checking your bank account) while out in public, either use your phone’s data connection or open a browser and use the company’s mobile website (checking for #16).
Using public WiFi to buy anything or manage your finances is risky
Finances – whether your credit card details when purchasing from Amazon or your bank login details when checking your accounts – are at huge risk on any public WiFi network. Regardless of your own security programs, avoid transmitting such sensitive date when on public WiFi.
Use networks with strong encryption methods
WEP and WPA are two of the most common encryption techniques WiFi networks will use. If you’re dealing with really sensitive data, look for WPA2 which is one of the strongest encryption techniques on the market.
Automatically connecting to open public networks is dangerous
Some smartphones have the option to automatically connect to open WiFi networks, reducing your data plan usage. But it’s pretty dangerous. You could walk by a network and your phone automatically connects without you even knowing – opening your data up to theft.
Use a VPN
A VPN (Virtual Private Network) encrypts your data when you’re connect to the internet. Encrypting – scrambling your information into code – makes it almost impossible for your standard thief to access your data as it shrouds your information from their view.
VPN's other advantage
Beyond keeping you safer while on public WiFi networks, using a VPN means you can also access any websites which the website restricts or blocks.
Dodgy WiFi providers
A big danger of using a public WiFi network is the shady WiFi provider. Though most big chains will be more reputable providers, if you don’t trust the owner – don’t use it. Just as thieves can pull your bank card details from an ATM if they insert a special reader, dodgy WiFi providers can steal your information and sell it on later.
Cutting corners puts you at risk
Many free WiFi networks – even at your favorite coffee shop – don’t use the best (or anywhere near) encryption technology in an effort to cut costs. That means your data is vulnerable and you need to take security into your own hands.
HTTPS websites are more secure
Short for “Hyper Text Transfer Protocol Secure”, HTTPS (the little lock next to a website’s URL in the address bar) means the owners have added an extra layer of protection. Most major websites will include this feature which lowers the danger of accessing it on public WiFi but does not eliminate it. Try using only HTTPS websites when not on a secure network.
Two-Factor Authentication makes you safer
You’ve probably been asked by Gmail, Twitter, or another account if you would like to turn on two-factor (or two-step) authentication. It’s a wise move. If a hacker gets your password when you’re on public WiFi, using two-step authentication gives you an extra layer of protection from their access to your accounts.
If you enjoyed this list, you should take a look at these 25 Interesting Facts About Computer Viruses You Really Should Know.
Never connect as a home network
After connecting to a WiFi network, your computer will often ask if you want to be able to share files with other users, effectively making it a home or business network. While this is useful for those networks, it’s like leaving your front door open; in Manhattan; with a sign advertising free stuff; where the free stuff is all your possessions.
Terms & Conditions don't make you safer
Just because a page asks you to accept Terms & Conditions before connecting doesn’t mean it’s any safer than one that doesn’t. The page is likely there to protect the WiFi owner legally rather than to protect you.
Force your browser to encrypt
Browser add-ons such as Force-TLS and HTTPS-Everywhere are free and can help protect you on public WiFi. These add-ons force your browser to encrypt popular websites which may not otherwise be encrypted. It won’t work on every site – look for HTTPS in the address bar to be sure.
Use a firewall
Most laptop operating systems come with a firewall installed. A barrier to foreign intrusion, a firewall adds an extra layer of security to your device which keeps you safe while connected. Make sure to keep it turned on and updated!
Fake HTTPS connections
Even though HTTPS (from #16) is presumably secure, hackers have found ways around it. The attack sslstrip can take over your HTTPS connection and convert the link to a similar-looking HTTP page, giving the hacker access to data you thought was secure.
Have antivirus software installed
This should go without saying, but in today’s age, it’s critically important to have a strong antivirus software or security program. Trojans and viruses were famous in the early days of the internet and haven’t gone away. Use an antivirus to beef up your computer’s security. (In case something does happen, regularly back up your computer to the cloud or an external hard drive – this will allow you to restore your computer to the way it was if you do get infected.)
Update old browsers
Companies put out updates to their browsers (Chrome, Firefox, etc.) to patch up bugs and fix security risks thieves have likely exploited. Keep yourself safer on public WiFi by keeping your browser up to date with the latest version.
Update old operating systems, too
As the companies (e.g. Microsoft, Google, Apple) which build operating systems (OS) publish a list of bugs once they’re discovered, it’s easy as could be for a hacker to exploit one if your OS is not updated. They just need to find out your OS via your WiFi connection and pull a standard attack from their book.
The bait of a "Free Public WiFi" Network
Never connect to a WiFi connection listed as “Free Public WiFi” or anything similar. Hackers are likely preying on unknowing users who expect free WiFi in places such as airports or city parks. If a place should have a WiFi network, ask for or look for signs with the name. My Favorite Coffee Co. could have a special name for their network, giving a hacker the opportunity to set up in the coffee shop and name their network “My Favorite Coffee Co. WiFi”. It’s a technique known as a Rogue WiFi Network.
Another hacker trick is the ability to change any picture on a website. It may not seem like a big deal, but an “ethical hacker”, Wouter Slotboom, has said it can be used to load child pornography and other pictures (which are criminal offenses). (This one wouldn’t be too common when your juicy bank details are out there.)
Secure yourself by forgetting a network
To stop all possible communication between your device and the network, when leaving a public WiFi network, click on “Forget this network”. Forgetting the network means your device won’t connect automatically when in range. For extra security, sign out of anything you signed into.
The Man-in-the-Middle attack
Using a technique called Man-in-the-Middle, hackers can act as a middle point – connecting you to the WiFi network by passing you through their own network. They can even determine which networks your computer trusts and offer those connection names as options for you to connect to. (Some options include the name of your home and work WiFi networks and even your favorite coffee shop or provider.)
Access to one password may mean access to all of them
Since most people use the same email address for all their online needs, a hacker just has to (easily) grab your email address and password when you sign in on a public WiFi network. From there, they can request lost passwords from other websites you frequently visit which will be sent to the inbox the hacker now controls. Yikes.
The grand conclusion
To wrap up, only use WiFi connections secured with WEP or WPA (WPA2 is best), only visit secure (HTTPS) sites, never perform sensitive activities such as banking while on a public WiFi network, only connect to a network if you absolutely know it, use a firewall and security program, never automatically connect to public networks, avoid mobile apps when using public WiFi, update your operating systems, read the Terms & Conditions, use two-factor authentication whenever it’s offered, and use a VPN connection whenever on public WiFi. Happy browsing!