Pinterest Stumbleupon Whatsapp
Ads by Google

You’ve heard that you shouldn’t open PayPal, your bank account and possibly even your email while using public WiFi. But what are the actual risks?

Well, your home WiFi is (hopefully) encrypted; the WiFi at the coffee shop isn’t. This means you’re at risk of people monitoring your online activity, or worse – unless you know how to protect yourself. Here are a few dangers, and how to avoid them.

Unencrypted Browsing Is Public

WiFi uses radio waves, and radio waves are anything but direct. They broadcast, and this means that anyone within range can see everything you’re doing online, if they have the right software.

This means that, without protection, anyone who wants to can see:

  • Every site you visit
  • Every bit of text you send out
  • Your login information for various sites

The danger here is clear, so naturally you’re going to want protection. At home, you can encrypt your WiFi network WPA2, WEP, And Friends: What's The Best Way To Encrypt Your Wi-Fi? WPA2, WEP, And Friends: What's The Best Way To Encrypt Your Wi-Fi? When setting up wireless encryption on your router, you'll come across a variety of confusing terms -- WPA2, WPA, WEP, WPA-Personal, and WPA-Enterprise. Read More – this prevents snooping by making all of your traffic unreadable with a key. Public WiFi, however, usually isn’t encrypted – you can tell this is the case when you don’t need to type a password in order to connect.

Does this mean you’re defenceless? No.

Ads by Google

Your first line of defence is OpenSSL, a kind of encryption offered by many websites: Google, Facebook and most banks, to name a few. This technology encrypts the traffic between you and another site, meaning no one will be able to snoop on that activity. You’ll know OpenSSL is on when you see “HTTPS” in your browser’s address bar, like this:

Screen Shot 2014-04-10 at 9.55.19 AM

You can make such secure connections the default What Is HTTPS & How To Enable Secure Connections Per Default What Is HTTPS & How To Enable Secure Connections Per Default Security concerns are spreading far and wide and have reached the forefront of most everybody's mind. Terms like antivirus or firewall are no longer strange vocabulary and are not only understood, but also used by... Read More using plugins like HTTPS Everywhere.

OpenSSL isn’t bulletproof – it was recently proven to be vulnerable by Heartbleed Massive Bug in OpenSSL Puts Much of Internet At Risk Massive Bug in OpenSSL Puts Much of Internet At Risk If you're one of those people who've always believed that open source cryptography is the most secure way to communicate online, you're in for a bit of a surprise. Read More . Most sites have patched that up at this point, but the bug proved that everything is potentially vulnerable, even with OpenSSL turned on.

Vulnerabilities, and the fact that many websites aren’t encrypted at all, mean those deeply concerned about privacy should look into using a VPN (Virtual Private Network). These services route all of your computer’s traffic through another server, and usually encrypt that traffic – meaning snooping is impossible. Look into our list of the best VPN services if you’re interested, and consider signing up for a service with encryption. It’s the best way to completely shield yourself from would-be snoops.

Your Fellow Users May Be Infected

Of course, snooping isn’t the only potential danger on a public WiFi network: there’s also the risk of malware. Your fellow coffeeshop patron might be running Windows XP SP1 without any malware protection, putting your computer at risk of infection.

This is why it’s essential to make sure you’ve got a firewall running when you connect to a public WiFi network. In Windows, the simplest way is to set all public WiFi networks as “Public”, when you’re prompted:

public-network-windows

This will turn off your computer’s local file sharing, and block most network traffic. Connecting through a VPN would have a similar effect.

Malware protection is also a good idea if you regularly connect to public networks. Check out best of Windows software page for recommendations, if you’re not already protected. You’ll also find a variety of third-party firewalls, which can also protect you while you’re using third party networks.

The WiFi Network May Be A Trap

DSC01890(1)

Sometimes free WiFi seems too good to be true; sometimes, it is. If you’re connected to a WiFi network, and have no idea whose network it is, beware: the hotspot might exist entirely to steal your personal data.

Setting up a WiFi network is neither hard nor expensive, and scammers have started doing so in the hopes they can steal passwords and other personal information. If you connect to a network called something like “Free WiFi”, with no password required and no welcome screen, it might be a trap.

Connect to one of these networks and you’ll think you’re connecting to the Internet as-per-usual, but in reality you’re falling for an elaborate phishing scam What Exactly Is Phishing & What Techniques Are Scammers Using? What Exactly Is Phishing & What Techniques Are Scammers Using? I’ve never been a fan of fishing, myself. This is mostly because of an early expedition where my cousin managed to catch two fish while I caught zip. Similar to real-life fishing, phishing scams aren’t... Read More . You won’t be able to tell, but you could be entering your email username and password into a fake version of the site you think you’re visiting, giving your password to a scammer in the process. OpenSSL can’t protect you in such cases – everything will appear to be working as usual.

The exact nature of these attacks can vary, but this outline of a DNS-based attack is worth a read for the technically inclined.

How can you protect yourself from such networks? The best way is to connect to WiFi networks only if you know who’s running them. Ask business owners what the name of their network is, to ensure you’re connecting to something legitimate.

But even this isn’t necessarily enough – it’s possible for a coffee shop’s network to be hijacked or replaced. If security is essential, consider an encrypted VPN.

Think Ahead

There are other dangers to using public WiFi – scammers are imaginative, and unsecured Internet connections offer a lot of room to use that creativity. But a few key points to keep in mind, if you want to stay safe:

  • If your traffic isn’t being encrypted, it’s being broadcast – and anyone who wants to can listen in.
  • Ensure you’ve turned on your firewall, and have up-to-date malware protection, or you could run into problems.
  • If security is a must, consider using public WiFi only through an encrypted VPN service.

I’m sure you can think of other security tips, so please: help your fellow readers in the comments below.

  1. Same
    March 8, 2015 at 5:51 pm

    Noob

  2. Eric K
    May 6, 2014 at 9:08 am

    Public charging stations can also be dangerous. Your best bet is to always use your own stuff - bring your own USB cable, bring battery backup. Don't plug into anything that isn't yours.

  3. Lee M
    May 2, 2014 at 5:30 am

    No, I'm quite sure I did not.

  4. Lee M
    April 26, 2014 at 3:56 am

    I used "Hotspot Shield Free," a purportedly free VPN service listed min the Make Use Of article.

  5. Lee
    April 25, 2014 at 3:35 am

    I followed your link to "The Best VPN Services," where I found some free services. I signed up for Hotspot Shield Free. Almost immediately I received a message stating that my "free" period was over, and asking me to sign up for the paid version. That's not my idea of "free."

    • Justin P
      April 25, 2014 at 1:21 pm

      When it comes to routing all of your traffic through a single point of entry so as to ensure security, you're not going to find a free service worth using. That's just the reality, in my experience.

    • Justin P
      April 25, 2014 at 1:22 pm

      But to get to your point, sometimes we list things as free and the company changes their policy later. Which service did you try?

  6. Jon
    April 23, 2014 at 11:40 pm

    There are programs that allow you to surf the Web in stealth mode. These are worth checking out.

  7. Rahul
    April 23, 2014 at 8:06 pm

    How about connecting to VPN using public wifi ?

    • Aibek E
      May 2, 2014 at 11:39 am

      that would work, infact it's one of the reasons people use VPNs in the first place

  8. Zipppz
    April 23, 2014 at 5:41 pm

    With Kali linux, my stalkers grab the wifi passwords (Gerix) as I login to the wireless. There is no security. Same if you are directly connected via cable. If they know your IP address then you're screwed. They have packaged a Remote Access Trojan with a program named CypherX Pro and had injected it into my computer.

  9. Leo Wohlman
    April 23, 2014 at 3:48 pm

    Would using your phone network instead of wifi offer protection?

    • Aibek E
      May 2, 2014 at 11:38 am

      yes, that's what I usually do.

  10. Antonio N
    April 23, 2014 at 2:28 pm

    surprised about how many people don't take security into consideration.

  11. Db
    April 23, 2014 at 11:19 am

    Bottom line is that Wi-Fi is not secure unless you use full SSL encryption. Even then I would not use my credit card on Wi-Fi outside my own home wi-fi environment.
    Just my thoughts.
    D.

    • Debbie K.
      April 23, 2014 at 3:38 pm

      good thoughts.

  12. Joe Dirt
    April 23, 2014 at 1:20 am

    Wow..This is terrible writing. Who wrote this, my 90 year old grandmother?

    • Aquariuzz
      April 23, 2014 at 7:23 pm

      90 year old women got good grammar. They just can't use the computer.

    • Justin P
      April 23, 2014 at 8:07 pm

      Yeah man, lay off 90 year old grandmothers Joe Dirt! Many of them are much better writers than the guy who wrote this article.

  13. Jim Jor
    April 22, 2014 at 9:24 pm

    "But even this isn’t necessarily enough – it’s possible for a coffee shop’s network to be hijacked or replaced. If security is essential, ensure" Ensure what?

    • Justin P
      April 22, 2014 at 9:44 pm

      Oops! Changed to recommend that you're using an encrypted VPN, as stated in other sections.

  14. ReadandShare
    April 22, 2014 at 9:22 pm

    Aaahh... we need an edit button!! My post above, I mean to state that we should minimize accessing our bank/financial accounts. Obviously, most all of us will access email...

  15. ReadandShare
    April 22, 2014 at 9:20 pm

    Most email sites (Gmail, Outlook, Yahoo, etc.) and all financial institution websites now use encryption. Still, it's best not to access them using public hotspots. As the article states -- internet cafe computers (or heck, even your own device) may contain malware that can capture login credentials.

    There are many things we can do to minimize the need to do banking type transactions while on the road. Pay your bills and move sufficient money to your checking account before you leave for a trip. Also, set up automatic alerts at your bank so that you will get a text or an email every time a transaction occurs with your checking account or card account. No more need for you to check for anomalies when on a long trip.

  16. Lomedhi
    April 22, 2014 at 9:08 pm

    You need to replace "OpenSSL" with just "SSL" in this article. OpenSSL is one specific open-source software implementation of SSL.

Leave a Reply

Your email address will not be published. Required fields are marked *