In the era when cybercrime is flourishing, public Wi-Fi has become a golden opportunity for various types of criminals. The latest survey shows that 79% of public Wi-Fi users take significant risks when choosing their Wi-Fi connection. They select a hotspot for its Wi-Fi strength, go for a name that sounds appropriate, or simply pick any free option.
However, public places make a good cover for hackers who can easily set up malicious hotspots and steal people’s personal data. Daniel Markuson, the digital privacy expert at NordVPN, discussed the risks of unsafe public Wi-Fi with a couple of hackers in closed online forums. They agreed to share their expertise in exchange for remaining anonymous.
What makes public Wi-Fi unsafe
All the hackers agreed on two common points that can make any public Wi-Fi hotspot vulnerable. These are poor router configuration and a lack of a strong password.
With dozens or even thousands of people in a public place, a snooper is in a perfect position to look for their prey without being noticed. It doesn’t take much to start the vicious process: normally the attackers would use pretty basic and easy-to-use software, which is legal to get. The skilled hackers name Wireshark and Aircrack-ng as good examples. They claim it can take a couple of minutes to start peeking at confidential information sent from a device connected to an unsecure Wi-Fi.
The worst part of being attacked is that the victim might not even notice their gadget has been hijacked. If you’re lucky, the snooper may just read your browsing activity. But in the worst-case scenario, they can steal all your sensitive information, including passwords and credit card details.
Did you know that your home Wi-Fi name gives away your address? As your device is constantly looking for trusted Wi-Fi networks, stalkers can use these connection requests to find out where you live. All they need to do is find an open public space and set up a tiny scanner that passively collects all nearby Wi-Fi join requests. Warning from the anonymous hackers: anyone who knows your home Wi-Fi name can find out where you live. It’s enough to type it on a public website that creates heatmaps of Wi-Fi hotspots, such as Wigle.net.
Types of hacker attacks on public Wi-Fi
The anonymous hackers explain the most common types of cyberattacks that can be launched on insecure public Wi-Fi networks:
- Man-in-the-middle attacks. When a device makes a connection to the internet, the data travels from it to a certain service or website. An attacker can get in between the transmission and modify it. The information on the device becomes no longer private.
- Evil twin attacks. These can happen when cybercriminals create fake Wi-Fi hotspots. When a device connects to a rogue access point controlled by a hacker, all the communications fall into their hands.
- Malware injections. When you connect to an unsecured network, malicious code can slip into your device at any time. Once the malware infects the device, it can break down the system and give the hackers complete freedom over your personal files.
- Snooping and sniffing. With the help of special software, cybercriminals can see all data passing through the network and access what you do online. They can view your browsing history, capture your login details, and break into your online accounts to steal sensitive information or even money.
How to stay safe
According to Daniel Markuson, the digital privacy expert at NordVPN, it is better to stay away from public Wi-Fi and use your mobile data instead. However, if there’s no other choice, here are some useful tips on what you should do to protect your devices and the information they hold.
- When connecting to a Wi-Fi in a coffee shop or a hotel, always double-check the network name with a member of the staff. Remember, hackers might create fake Wi-Fi hotspots using names that look trustworthy.
- On public Wi-Fi, avoid visiting sensitive websites, logging into your social accounts, and never perform any banking transactions. Public Wi-Fi is best for browsing the internet.
- If you must log into private accounts, make sure you have set up two-factor authentication. Use an e-signature to perform any important transactions.
- Enable your firewall. Most operating systems have a built-in firewall, which keeps outsiders from going through your computer’s data. Although it won’t completely protect from hacks, the firewall is useful if combined with other security tools.
- Use a VPN (virtual private network). A reliable VPN, like NordVPN, will make sure your online connections are private and no sensitive data can get into the hands of criminals. The tool will send your internet traffic through an encrypted tunnel, which makes it almost impossible to hijack.
- Remember to turn off the Wi-Fi function on your device when not using it. It will spare you from the unwanted connections with Wi-Fi networks surrounding you.
Daniel Markuson recommends being extra cautious about connecting to any Wi-Fi hotspot in a public place. To save your private information, traffic, and browsing data as well as to protect yourself from possible identity theft, stay away from unsafe networks or use VPN, like NordVPN.