Hidden dangers of public WiFi and how to avoid them
In the era when cybercrime is flourishing, public WiFi has become a golden opportunity for various types of criminals. A recent survey shows that 79% of public WiFi users take significant risks when choosing their WiFi connection. They select a hotspot for its WiFi strength, go for a name that sounds appropriate, or simply pick any free option.
However, public places make a good cover for hackers who can easily set up malicious hotspots and steal people’s personal data. Daniel Markuson, the digital privacy expert at NordVPN, spoke about the risks of unsafe public WiFi with a couple of hackers in closed online forums. They agreed to share their expertise in exchange for remaining anonymous.
What makes public WiFi unsafe
All the hackers agreed on two common points that can make any public WiFi hotspot vulnerable. These are poor router configuration and a lack of a strong password.
With dozens or even thousands of people in a public place, a snooper is in a perfect position to look for their prey without being noticed. It doesn’t take much to start the vicious process: normally the attackers would use pretty basic and easy-to-use software, which is legal to get. The skilled hackers name Wireshark and Aircrack-ng as good examples. They claim it can take a couple of minutes to start peeking at confidential information sent from a device connected to an unsecure WiFi.
The worst part of being attacked is that the victim might not even notice their gadget has been hijacked. If you’re lucky, the snooper may just read your browsing activity. But in the worst-case scenario, they can steal all your sensitive information, including passwords and credit card details.
Did you know that your home WiFi name gives away your address? As your device is constantly looking for trusted WiFi networks, stalkers can use these connection requests to find out where you live. All they need to do is find an open public space and set up a tiny scanner that passively collects all nearby WiFi join requests. Warning from the anonymous hackers: anyone who knows your home WiFi name can find out where you live. It’s enough to type it on a public website that creates heatmaps of WiFi hotspots, such as Wigle.net.
Types of hacker attacks on public WiFi
The anonymous hackers explain the most common types of cyberattacks that can be launched on insecure public WiFi networks:
- Man-in-the-middle attacks. When a device makes a connection to the internet, the data travels from it to a certain service or website. An attacker can get in between the transmission and modify it. The information on the device becomes no longer private.
- Evil twin attacks. These can happen when cybercriminals create fake WiFi hotspots. When a device connects to a rogue access point controlled by a hacker, all the communications fall into their hands.
- Malware injections. When you connect to an unsecured network, malicious code can slip into your device at any time. Once the malware infects the device, it can break down the system and give the hackers complete freedom over your personal files.
- Snooping and sniffing. With the help of special software, cybercriminals can see all data passing through the network and access what you do online. They can view your browsing history, capture your login details, and break into your online accounts to steal sensitive information or even money.
How to stay safe
According to Markuson, the digital privacy expert at NordVPN, it is better to stay away from public WiFi and use your mobile data instead. However, if there’s no other choice, here are some useful tips on what you should do to protect your devices and the information they hold.
- When connecting to a WiFi in a coffee shop or a hotel, always double-check the network name with a member of the staff. Remember, hackers might create fake WiFi hotspots using names that look trustworthy.
- On public WiFi, avoid visiting sensitive websites, logging into your social accounts, and never perform any banking transactions. Public WiFi is best for browsing the internet.
- If you must log into private accounts, make sure you have set up two-factor authentication. Use an e-signature to perform any important transactions.
- Enable your firewall. Most operating systems have a built-in firewall, which keeps outsiders from going through your computer’s data. Although it won’t completely protect from hacks, the firewall is useful if combined with other security tools.
- Use a VPN (virtual private network). A reliable VPN, like NordVPN, will make sure your online connections are private and no sensitive data can get into the hands of criminals. The tool will send your internet traffic through an encrypted tunnel, which makes it almost impossible to hijack.
- Remember to turn off the WiFi function on your device when not using it. It will spare you from the unwanted connections with WiFi networks surrounding you.
Markuson recommended being extra cautious about connecting to any WiFi hotspot in a public place. To save your private information, traffic, and browsing data as well as to protect yourself from possible identity theft, stay away from unsafe networks or use VPN, like NordVPN.