Staying Secure on Public Wi-Fi Networks

The privacy risks of that free hot spot and what to look out for

The world is becoming more and more mobile by the minute, and Wi-Fi networks are springing up like mushrooms to give us anytime, anywhere connectivity. Public Wi-Fi has spread from the coffee shop, the airport, and the library to retail stores, restaurants, hotels and resorts, buses and trains, and citywide metropolitan networks. Public Wi-Fi can be found nearly everywhere you go. In fact, network technology company Cisco predicts that there will be nearly 628 million public Wi-Fi hotspots worldwide by 2023.

How convenient. And how perilous to our identities and privacy if we take advantage of all this free connectivity without knowing the risks. Let’s take a look at what can go wrong on public networks if you’re not careful, and how you can mobilize without giving up safety.

What Can Go Wrong on Free Wi-Fi?

The thing to understand about public Wi-Fi is that it is, well, public. If you can connect to it, so can anyone, including people with bad intentions. Here are some of the ways that bad actors can take advantage of these wide-open Wi-Fi networks.

• Man-in-the-middle attacks: Hackers can insert their computers invisibly between you and the Wi-Fi network, capturing and logging your communications before sending them on to the public network.
• Rogue Wi-Fi networks: Attackers can set up their own Wi-Fi networks with names close to the real network name or that look like an alternate free Wi-Fi. The rogue network will give you an internet connection, but the attacker will be recording everything you do.
• Snooping and sniffing: Hackers can buy special software kits on the dark web that enable them to eavesdrop on Wi-Fi transmissions.
• Malware downloads: While they’re intercepting your transmissions, hackers can insert spyware, viruses, or worms (more contagious than viruses) onto your device.

Even if you don’t get hacked or attacked on a public Wi-Fi network, your privacy can be compromised. Many stores, hotels, and other businesses use their public Wi-Fi networks to gather data on users, including the sites you visit, how much time you spend there, and data from any sites that have unencrypted communications (sites whose addresses start with “http” instead of “https”). As with other kinds of data tracking, they use the data they gather to promote their products to you or to sell advertising to other businesses.

Staying Private on Public Wi-Fi

The hotel, store, or city providing Wi-Fi access doesn’t screen its users, and they’re not in the network security business. So, if you choose to use public Wi-Fi, you have to look out for yourself.

The best protection is to connect to public Wi-Fi using a VPN such as IDX’s Safe WiFi, which is included with the IDX Privacy protection plan. A VPN creates a secure pipeline inside the public Wi-Fi network to ensure that no one can intercept your information. (If you don’t have a VPN, using your phone’s cellular connection will provide a much safer and more secure connection.) Also, make sure to disable the automatic connection feature on your mobile device so you don’t connect to a public network accidentally, and turn off the “remember this network” setting when you connect to a public Wi-Fi.

Here are 3 easy steps to protect your device:

1. Keep Wi-Fi turned off except when you’re using it. If apps need Wi-Fi to work, change their settings to only use Wi-Fi when you’re using the app.
2. Disable file sharing on your device to help prevent hackers from accessing your files.
3. Keep your device and apps up to date with security patches and run antivirus software on all devices.

You should also be mindful of your actions when connecting in public:

• If you see several available Wi-Fi networks, ask an employee at the business location which is their correct public Wi-Fi network name. That will help you avoid rogue networks.
• Use a tracking blocker to protect your privacy while using a business’s free Wi-Fi.
• Log out of accounts when you’re finished using them.
• Enable the "Always Use HTTPS" option on websites that require you to enter credentials, to ensure your interactions are encrypted. (If the site address begins with “http,” try typing “https” instead to see if the site supports the secure protocol.)
• Never install software over public Wi-Fi.

Don’t Forget the Basics

Last but not least, remember that when you’re on a public Wi-Fi network, you’re in public, with all the old-fashioned physical risks that entails. Your device could be lost or stolen, so think carefully about how much personal information you store on it. If you can, keep sensitive information securely in the cloud or on a home network that you can access remotely.

And even if you’re using a VPN, don’t conduct financial, medical, or other sensitive transactions in a public place. Because, no matter how much of crime is now high-tech, if a criminal is in the right place at the right time, they can still steal personal information through good, old “shoulder surfing.”