Tips to stay safe on Public Wi-Fi

What’s better than sitting in a coffee shop and sipping your favourite drink or in a bar tucking into some food whilst at the same time, checking your emails, logging into social media or generally browsing the web?

I’ll tell what’s better, doing it securely!

Public Wi-Fi hot spots are great for keeping connected on the go and saving your own mobile data usage but they are notorious for having security weaknesses and many scammers create fake hotspots to con innocent users.  Criminals have expoilted peple by being able to see what you’re doing, for example seeing what news articles you're reading, which memes you've liked on Instagram or maybe your bank details!

Why are these networks so insecure?

What are the common ways criminals exploit us on public wifi?

Many public Wi-Fi hotspots don’t use any password access control or encryption which means anyone else on that Wi-Fi hotspot can see all the traffic on that network and there’s no special tricks or hacking apps you need to do this.  Anyone can spy on these unsecure networks with a few mouse clicks.

At home many of our home private Wi-Fi networks have a password which only a few relatives or friends have.  There are public Wi-Fi hotspots that require passwords but that doesn’t make it secure, this is because that password is often easier to guess and quite often shared with hundreds or thousands of people who enter that shopping mall or travel interchange.  Many hackers are already on the network before you enter the area and log in and therefore they can monitor and see the handshake that takes place between your device and the access point when you first connect to the hotspot.  In this instance, the attacker can steal your encryption key and spy on everything you do even though your connection is encrypted.

Public Wi-Fi is also supteble to a man in the middle attack which is exactly what it says – a person sitting in between your device and the access point and seeing everything you do.  What criminals also do is set up a Wi-Fi hotspot that looks like the legit one and everything you do will be sent to the attackers computer.  Again, this isn’t sophisticated, it’s someone tricking those who are less aware of what is the official hotspot for where they are.

To protect yourself from this type of attack it’s good to check with the bar owner what’s the right Wi-Fi name.

What can you do to keep prying eyes away from your browsing habits.

It’s not all doom and gloom, there are ways to protect yourself when you want to connect to the web when you’re out and about.

1. Use https and look out for the lock icon in the website name in the web browser.  Many websites that require a login use https by default but there are some that don’t so be aware that any sites without the s at the end of http and no padlock means everything you do on that site is open to everyone else to see.

2. For more serious security use a virtual private network (VPN).  This creates a secure tunnel between your device and a proxy server that encrypts all traffic even if you’re on a http site that doesn’t support security.

VPNs are available as free and paid services, and there are various teirs of service depending on your needs.

3. Finally, always ask the owner or the a staff at the establishment you’re visiting what the actual name of the WiFi connection is to avoid connecting to a fake access point.

Remember, spotting a fake connect won’t be as easy as “Fake hotspot" but could be as subtle as HotelWiFi but HotellWiFi with a double ll