You've heard that you shouldn't open PayPal, your bank account and possibly even your email inbox while using public Wi-Fi. But what are the actual risks?

Well, your home Wi-Fi is (hopefully) encrypted—but the Wi-Fi at the coffee shop most likely isn't. This means that you're at risk of people monitoring your online activity, or worse—unless you know how to protect yourself. Here are a few dangers of logging on to public Wi-Fi, and how to avoid them.

1. Unencrypted Browsing Is Public

Open Padlock on Laptop Keyboard

Wi-Fi uses radio waves, and radio waves are anything but direct. They broadcast, and this means that anyone within range can see everything you're doing online if they have the right software.

This means that, without protection, anyone who wants to can see:

  • Every site you visit
  • Every bit of text you send out
  • Your login information for various sites

The danger here is clear, so naturally, you're going to want protection. At home, you can encrypt your Wi-Fi network, and doing this prevents snooping by making all of your traffic unreadable with a key. Public Wi-Fi, on the other hand, is rarely encrypted—you can tell this is the case when you don't need to type a password in order to connect.

But does this mean you're unable to defend yourself? Well, no.

Your first line of defense is OpenSSL, a kind of encryption offered by many websites: Google, Facebook and most banks, to name a few. This technology encrypts the traffic between you and another site, meaning no one will be able to snoop on that activity. You'll know OpenSSL is on when you see "HTTPS" in your browser's address bar, like this:

Invalid SSL certificate

You can make such secure connections the default by using browser plugins like HTTPS Everywhere.

OpenSSL isn't bulletproof. Most sites have patched that up at this point, but the bug proved that everything is potentially vulnerable, even with OpenSSL turned on.

Vulnerabilities, and the fact that many websites aren't encrypted at all, mean those deeply concerned about privacy should look into using a Virtual Private Network (VPN). These services route all of your computer's traffic through another server and usually encrypt that traffic, which makes snooping on your online activity almost impossible.

If you're interested in trying out a VPN, you can check our list of the best VPN providers. If not for location flexibility, consider signing up with services with the best encryption options such as end-to-end encryption. Using a VPN is the easiest way to turn public Wi-Fi networks from dangerous to safe.

2. Your Fellow Internet Users May Be Infected

finding malware on your smartphone
Image Credit: Suttipun/Shutterstock.com

Of course, snooping isn't the only potential danger on a public Wi-Fi network: there's also the risk of malware. Networks aren't a one-way connection between you and the internet, they also indirectly connect you with other devices in the network.

Your fellow coffee shop patrons might be running an older version of Windows with tons of bugs and no malware protection. Under normal circumstances, they're only putting themselves at risk, but thanks to public Wi-Fi, anything malware their computer hosts can jump over to yours.

This risk is, however, easier to mitigate. In fact, you might already have the precaution needed in place. Both macOS and Windows devices have built-in antivirus and anti-malware that keep you safe from incoming malicious files. In Windows, you should make sure you have all public Wi-Fi networks set as "Public" in your security settings, so the software knows not to trust them.

Turning-Off-Windows-Defender-Firewall-For-Private-And-Public-Network-Settings-In-Windows-10

This will turn off your computer's local file sharing, and block most network traffic. Connecting through a VPN would have a similar effect.

Malware protection is also a good idea if you regularly connect to public networks. Check out the best of Windows software page for recommendations, if you're not already protected. You'll also find a variety of third-party firewalls, which can also protect you while you're using third party networks.

3. The Wi-Fi Network May Be a Trap

DSC01890(1)

As Wi-Fi becomes affordable and widespread, more "free" networks are popping up left and right. But sometimes, it's too good to be true. Connecting to a random network without knowing the provider is a high-risk activity, and we don't recommend doing it for several reasons.

Scammers have started setting up fake Wi-Fi networks in public in the hopes they can steal passwords and other personal information. If you connect to a network called something like "Free Wi-Fi", with no password required and no welcome screen, it might be a trap.

Connecting to one of these networks wouldn't be any different from genuine connections. You'll be able to browse the web as usual. But in reality, you're falling for an elaborate phishing scheme.

You won't be able to tell, but you could be entering your email username and password into a fake version of the site you think you're visiting, giving your password to a scammer in the process. OpenSSL can't protect you in such cases—everything will appear to be working as usual.

The exact nature of these attacks can vary, but this outline of a DNS-based attack is worth a read for the technically inclined.

How can you protect yourself from such networks? The best way is to connect to Wi-Fi networks only if you know who's running them. Ask business owners what the name of their network is, to ensure you're connecting to something legitimate.

But even this isn't necessarily enough. It's possible for a coffee shop's network to be hijacked or replaced. That's why it's crucial that you're always connected through a trusted VPN provider and have reliable anti-malware active on your device.

Think Ahead When Connecting to Wi-Fi

There are other dangers to using public Wi-Fi. Scammers are imaginative, and will everything in their power to get a hold of your information.

A few key points to keep in mind, if you want to stay safe:

  • If your traffic isn't being encrypted, it's being broadcast—and anyone who wants to can listen in.
  • Make sure that you've turned on your firewall, and you have up-to-date malware protection.
  • If security is a must, consider using public Wi-Fi only through an encrypted VPN service