Be it in restaurants, cafés, hotels, airports, universities or even drugstores – public Wi-Fi can be found almost everywhere these days. Of course, this is very convenient, yet there is a decisive catch: Hotspots used by many users every day are anything but secure. For criminals, these very connections offer the perfect opportunity to obtain valuable and sensitive data. Many people are unaware of the risks and regularly run the risk of being spied on and falling victim to an attack.
Why is public Wi-Fi so dangerous?
Anyone who connects their devices to a Wi-Fi, leaves behind a unique fingerprint – the IP address. Many people do not know that, in doing so, they are already revealing personal data (e.g., their address). When using a public hotspot, you are also inviting all users of the Wi-Fi – including the provider, of course – to track your data exchange. The reason being that the majority of public networks is not encrypted.
The problem with encryption
If the Wi-Fi is not encrypted, you are an open book for everyone. Anyone on this network can basically follow you around unnoticed while you are browsing.
This also means that all login details entered via unencrypted websites – meaning all websites without HTTPS – can be viewed by others. Also, if you are using one password for several services, the damage can be severe in some circumstances.
Note: You can identify SSL encryption of secure websites in the browser by means of the abbreviation https in the URL or the little key symbol. If these features are not at hand when they should be, this could be an indication of a phishing attack. Bank websites, for instance, are always encrypted with SSL.
Evil Twins: Traps by Wi-Fi operators
In principle, anyone can set up a Wi-Fi network and name it individually. This is what makes it even more dangerous to connect with a fraudulent network out of ignorance.
With these evil twin hotspots – also known as rogue access points – hackers cleverly place their own hotspots with names that sound trustworthy, or they imitate trustworthy networks.
Therefore, always try to make sure that you are connecting to a trusted network. For example, you can ask the employees of the store or location allegedly providing the public Wi-Fi for the connection name or the IP address. The name "T-Mobile Hotspot" does not guarantee that the hotspot is provided by T-Mobile.
The risks of public Wi-Fi
Snooping & Sniffing: Attackers use a special "snooping" software to read all the data you exchange online. This information may be used to commit identity theft or to tap valuable company internals.
Phishing: If you have logged into an evil twin, the following could happen: You would like to log in to your online banking account, which is actually encrypted with SSL. Unknowingly, you are redirected to a fake website that looks confusingly similar to the original website of your bank.
Man-in-the-middle-attacks: In a man-in-the-middle attack, hackers use security gaps in order to get between the user and the website during transmission. This allows them not only to spy on data, but also to manipulate it in a targeted manner. This way, they can place themselves in the communication path between the bank customer and the online bank. It is therefore just as possible to tap sensitive content as it is to manipulate it cleverly, with the so-called "Janus" imitating the communication partners.
Malware: Security gaps enable attacks with so-called malware, a malicious software that is installed directly on the computer. Different forms of malware include spyware and programs enabling the attacker to remotely control your device.
How to browse securely:
- Disable your shares: Shares are used to grant access to other devices – for example, the laptop to the desktop computer. Of course, this option has its dangers. You can disable file and printer sharing in the system preferences. You can also turn off the network discovery, which allows your computer to see other network computers and vice versa.
- Update your operating systems: This is a must! An operating system that is not updated regularly, inevitably develops security gaps over time, which become a gateway for attackers.
- Enable a firewall: Both Windows and Mac devices have a system firewall providing a certain degree of protection (especially in combination with a VPN). This is why you should check whether your firewall is turned on.
- Browse in the tunnel with VPN: Use a VPN connection (Virtual Private Network). It works just like a tunnel that encrypts your data traffic and thus isolates it from the outside – regardless of which network you are connected with. As a rule, a connection is established between the client and the network via the Wi-Fi, through which operators obtain personal data. With a VPN access, this connection does not exist since the VPN connection retrieves and sends all data for you.
- Check your Wi-Fi name: Always take a close look at the display name of the Wi-Fi hotspot and check Wi-Fi networks for plausibility.
- SSL encryption: Check the URL in the address bar. Make sure that the websites you visit are encrypted with SSL.
Almost finished...Please click the link in the email and confirm your email adress to complete the subscription process.
Never miss a post. Get awesome insights in your inbox.