You might be used to having an internet connection wherever you go. And not just cellular data: free internet is available at most restaurants, hotels, airports, and coffee shops.

Still, just because it’s available and free doesn’t mean you should be using it. At least not without taking a few precautions. Unless, of course, you want a stranger to hack your smartphone and access all of your files.

How Do Cybercriminals Hack Smartphones?

Hacking into someone’s smartphone isn’t as complex as you might think. One doesn’t have to be a seasoned hacker, typing zeros and ones on a black screen from their basement. Nowadays, free software available online automates most of the work for them.

And while you might be thinking “I’m not a worthy target”, hackers think the opposite. Since hacking is no longer especially hard or time-consuming, getting information from smartphones is profitable for many black-hat hackers.

Even if you don’t have your bank information on your smartphone, your internet browsing data in itself is valuable.

So, how do they do it?

There are many ways hackers can infiltrate an open network and take advantage of people’s blind trust.

Man-in-the-Middle Attacks

Stereotypical hacker in a dark room

Perhaps the easiest way for cybercriminals to intercept your data is through an unsecured internet connection. For example, that free Wi-Fi you just connected to.

A Man-in-the-Middle attack is when a hacker uses a computer or smartphone to impersonate a trustworthy router. If they succeed, they can reroute your internet traffic through their device and view it. They can even present information that isn't on the website you think you're visiting.

What might seem like a harmless prank can be used by hackers to steal your passwords and financial information.

Furthermore, they can see everything you’re searching for and reading, and possibly steal sensitive information to use against you.

Taking Advantage of Weak Security

One place you might not expect an attack from is your home’s network. After all, it’s password protected. But hackers have many ways of getting past these.

One way is using a brute-force attack: this involves specialized software trying countless combinations of passwords until they find the right one.

To protect against this, you password needs to be long, full of special characters, and frequently changed. Otherwise, you could easily fall victim to this type of attack. In fact, you're the ultimate target.

Another way they can get your password is by using social engineering. Yes, they can simply ask you for your password, and—if they’re good enough and you’re none the wiser—you might end up giving it out.

So, How Do You Protect Yourself?

smartphone on table that says security on

There's no need to swear off public Wi-Fi for good or abandon technology when it comes to finances and keeping private information. There are a few simple security measures you could implement today to stay safe online.

Here's how to protect your devices while using an open network—although these are good practices, no matter the type of internet connection!

Disable Auto-Connect

If your device automatically connects to any open network you come in range of, then you need to disable it immediately.

Related: How to Prevent Your Devices From Auto-Connecting to Networks

If you don't, your smartphone could connect to a random network when you’re walking down the street and you wouldn’t even know.

Use a VPN

One of the simplest things you could do is get a VPN and use it as often as possible. That's particularly important when you’re using an open network; if the router isn’t properly encrypting your data, your VPN will.

Not to mention, VPNs also offer a ‘kill switch’ that disconnects you from the internet if your VPN app crashes. That ensures that you’re never out there unprotected.

The only thing you need to do is to get into the habit of switching on your VPN before you connect to the internet.

Related: The Best VPN Services

Stick to HTTPS Websites

If you find yourself needing to use public Wi-Fi but don’t have access to a VPN, then it’s best to stick to HTTPS websites. Those websites tightly encrypt the traffic between the two of you. That makes data much harder for a hacker to hijack.

Related: What Is a Website Security Certificate?

To make sure you always use secure websites, keep an eye out for the extra ‘s’ in the URL or the padlock symbol that most browsers show. But if you want everything automated, there are browser extensions that notify you before you enter an unsecured website. Chrome browser does this automatically too.

If you do go into an unsecured website, don’t download anything or input any passwords or private information.

Use Antivirus Software

If you’re not very tech-savvy and think you might easily fall for a phishing scheme or download something harmful, get an antivirus for your smartphone. Antivirus software can detect incoming attacks and malware and intercept them for you. It’d also send you an alert, letting you know that what you’re doing isn’t safe.

Follow Your Instincts

Here's what you need to remember when it comes to online security: follow your instincts and stay skeptical.

Hackers are always on the lookout for new ways to hack devices and inject malware. You could be a victim to a method of attack that no one warned you about.

So, if you’re on a website and something about just doesn't feel right (like if it looks old, has a lot of typos, or is insisting you sign up for something every 20 seconds), leave. You can visit it again with better security if you’re still curious about it.

Image Credit: Bernard Hermant/Unsplash.