Whether you’re traveling, working remotely, or just needing a quick connection to access event tickets, using public Wi-Fi is sometimes the only option. These free or password-protected networks carry their share of risks that you’ll need to ask yourself if it’s worth the reward when connecting.
Hackers frequently target public connections to install malware, snoop through data, and steal sensitive information. It's important to understand the basics of what happens digitally when you use public unsecured networks and how to protect your device and data when there’s no other option.
Risk Factors
Lack of Encryption
Encryption is a form of data security where information is converted into code to prevent unauthorized access. The readable plaintext information is concealed and altered to appear as incomprehensible text (ciphertext), making it unreadable to anyone without the right key.
On a secure network, the information you’re transmitting is scrambled as it travels from your device to the Wi-Fi router. Public Wi-Fi is most often not encrypted so sending logging into financial accounts or sending sensitive information puts you at risk as cybercriminals can easily access your web traffic.
Man-in-the-Middle Attacks
Cybercriminals who view your unencrypted data on an unsecured, public network can execute what’s called a Man-in-the-Middle Attack. The hacker essentially eavesdrops on information transmitted between your device and its destination, meaning they can intercept your private information like login credentials and payment methods.
Malware Vulnerability
It’s all too easy for cybercriminals to install malware directly onto a public Wi-Fi hotspot, spreading it to every device that connects to it. The malware is distributed through ads or pop-ups, installing the malicious software once clicked and rendering your device unusable.
Rogue Hotspots
In some instances, hackers will set up fake public Wi-Fi networks, almost always not requiring a password, to trick users into connecting. Called rogue or malicious hotspots, the network name will be something like “FREE WIFI” or a deliberate reference to the business or location you’re at. For example, if you’re at a coffee shop called “Brewed,” a malicious network may be called “Brewwed-Guest.” Noticing subtle differences in network names can determine whether cybercriminals can access your data. Always check with the establishment whose Wi-Fi you’re trying to use the network name and password information.
Ways to Stay Safe
Turn off auto-connect
For most devices, the automatic connection or automatic reconnection is activated. With this on, your device will attempt to connect to your preferred network and if unavailable find an open connection even if it isn’t secure. While auto-connect saves you the hassle of entering passwords and manually selecting a network, the risk of cybercriminals getting access to your data including your location does not outweigh convenience.
Turn off file-sharing
File-sharing features allow other devices on the same network to access your files. When on a shared network, including public or unsecured, it's important to be proactive and disable file-sharing or select “No” when prompted after connecting to a public network you trust. If your file sharing is enabled, malicious actors can easily transfer infected files to your device and have unauthorized access to your personal and sensitive information.
Understand the difference between HTTPS and HTTP website
Have you ever received a browser alert that the webpage you’re about to access is unsecure? You’ve then looked at the URL and made sure you typed it in or clicked correctly only to see http://yourwebsite.com instead of https://yourwebsite.com. This subtle change is the difference between your transmission between the browser and the website being encrypted. HTTP (Hypertext Transfer Protocol) does not encrypt the data, making it vulnerable to theft. HTTPS (Hypertext Transfer Protocol Secure) uses a layered approach to encrypt your data transmission, making it unreadable to unwanted interceptors like cybercriminals.
Use a VPN
VPN stands for virtual private network, encrypting all your data and traffic as soon as it leaves your device and heads to its internet destination. Using a VPN is a surefire way to keep your connection secure when public Wi-Fi is the only available option.
You shouldn’t rule out using public Wi-Fi from your digital practices, but it’s crucial to recognize the signs of an unsafe network and what you can do to protect your browsing while on a public network.