Public Wi-Fi is a fact of life these days. Students burning the midnight oil log on at coffee shops and in libraries to finish their work. At the gym, we connect on our phones to access streaming music while we work out. While we shop, we connect to a public network to look up product information or find coupons. But is it safe to use public WiFi?
The problem is that while it might be convenient to pay a bill or check your bank balance while you wait in line for a pumpkin spice latte, when you expose your personal information on a public Wi-Fi network, it’s often the online equivalent of changing your clothes in front of an open window. The problem with public Wi-Fi is that, well, it’s public — and it’s very possible that everything you do can be seen by a cybercriminal.
Stealing Log-Ins, Taking Over Your Life
When you get online at home, you most likely log on via your own secure, password-protected connection. The only way that anyone else can get on the network is if you provide the password, thereby keeping unwanted visitors off your connection. Most of us secure our Wi-Fi to prevent unauthorized use by the neighbors — they can pay for their own Internet access, thank you very much — but the password protection also helps keep the spies away.
On public networks, though, cybercriminals have what essentially amounts to unfettered access to sensitive information. In most cases, the criminal sets up shop in a place where he or she knows that people use the public network, such as a coffee shop, and takes pains to blend in. For example, the hacker might look like a typical college student typing away on a laptop. Except instead of writing a paper for English 101, he’s really using inexpensive, and readily available, apps and software to intercept the web traffic on the network.
Some of the information that hackers can easily access includes:
- Screenshots of the web pages that are being visited by network users.
- Email information, including login information as well as the addresses of the sender and recipient and content in the email.
- Login information for FTP and file sharing accounts, in addition to files themselves.
- Social media logins and pages.
- Financial services logins and information, including banks and credit cards.
When a hacker sees this information, it’s not difficult for them to wreak havoc on your life. Not only can they steal money when they have your bank account information, or use your credit cards after stealing the account number and other pertinent information after eavesdropping on your online shopping session, they can also harm your reputation or steal your email address book to spread malware. For example, a criminal could access your Facebook profile and download harmful apps that infect your computer and those of all of your friends — all without you even realizing what happened.
How Criminals Exploit Public Wi-Fi
There are two primary ways in which hackers exploit public Wi-Fi networks: Honeypot attacks, and packet sniffing.
Honeypot attack refers to hackers creating spoofed or fake Wi-Fi accounts to steal user information. They might create a fake network called “Coffee Shop” or a name that is similar to that of the legitimate network to trick users into logging on.
When a hacker uses packet sniffing, the hacker uses special software to find and display the packets, or segments, of code shared over the network. Not everything is useful — a hacker will probably ignore you if you are just reading a gossip website — but if you log into any accounts, send email, or access sensitive data, the hacker will take notice.
Protecting Yourself
So how do you keep your information secure? The simple answer is to avoid public Wi-Fi networks, but that isn’t always practical or even desirable. You can, however, take steps to protect your data, especially when using mobile devices.
- Manage your device settings so you control connections. In other words, do not automatically connect to available Wi-Fi networks, but choose the network yourself to avoid falling victim to a honeypot attack.
- Install protections on your device. An Android security program will help block unwanted and harmful malware and viruses, as well as help protect your privacy. You might also consider an app that creates a Virtual Private Network (VPN) to encrypt your data.
- Ensure that your online sessions are encrypted by checking that the web address starts with https://. Keep in mind that some sites will only secure log-ins and will switch to unencrypted data afterwards.
- Never use public Wi-Fi for banking, shopping, or other vulnerable tasks. If you must do something while on the go, use your private cellular network instead.
Public Wi-Fi is convenient, but it can also be dangerous. If you take precautions, though, you’ll be able to stay connected on the go without suffering a data breach.