How to stay safe and private when using public wifi
Posted on September 4, 2018 By Dennis
Even with public wifi seemingly everywhere these days, connecting to a free network while on-the-go can still feel like striking gold. You can freely browse, stream, and download without worrying about data overage charges. However, public wifi doesn’t come without its concerns and these networks can be a prime spot for hackers lying in wait.
Using public wifi can make you vulnerable to various targeted and random threats including man-in-the-middle attacks and phishing schemes. But it’s not all bad news. With a lot of common sense and a bit of know-how, you can enjoy using public wifi while still keeping yourself safe and your information private.
In this post, I’ll explain the dangers of using public wifi and provide plenty of actionable tips to help you mitigate the risks.
The dangers of using public wifi
Although public wifi networks seem like they should be safe, they can offer many opportunities for hackers and cybercriminals to intercept your internet traffic. This can enable them to view your personal information, take over your accounts, steal files for use in extortion, and more.
Here are some of the common schemes that may be conducted over public wifi networks:
Man-In-The-Middle (MITM) attacks
A MITM attack involves a third party intercepting your data. A cyber criminal can hack into an existing public wifi network or create a fake one of their own and monitor your activity. This could give them access to login credentials and personal information, and even enable them to place malware on your device.
Phishing schemes typically involve criminals tricking victims into handing over information. They often work by directing users to phishing sites, which are fake websites designed to look like trusted ones. These scams usually involve emails, text messages, or voice messages, but phishing links can appear pretty much anywhere online.
When it comes to public wifi, hackers can lure you into clicking phishing links where you give up credential and other personal information. These may appear as sign in pages for the fake network. They can even go on to use any information they glean to approach you with a more targeted phishing attack, known as spear phishing.
DNS spoofing tampers with the Domain Name System (DNS) and redirects internet traffic. It can be used to direct users to malicious websites or carry out DDoS attacks. This means you could end up on a phishing site, or your device could form part of a malicious botnet, all without you realizing.
How to use public wifi safely and securely
Now that you know about some of the risks, you no doubt want to learn how you can protect yourself and your information while using public wifi. Here are some of the steps you can take to ensure you’re always safe while online:
- Educate yourself and use common sense
- Try to find a secure network
- Only visit secure websites
- Avoid sending sensitive information
- Turn off your device’s wifi
- Turn off your device sharing settings
- Use a VPN
- Enable your firewall if appropriate
- Update your software with the latest version
Let’s look at each of these in more detail.
1. Educate yourself and use common sense
One of the best defenses against any kind of cyberattack is to know what the dangers are. If you know what to expect, including the tactics that criminals use, then you’re far more likely to thwart an attack.
Stay up-to-date by reading blogs like this one and discuss risks with friends and family members. The more people who are aware of these types of crimes, the less likely it is that criminals will be successful.
2. Try to find a secure network
Love finding a network that doesn’t require login information? While it may mean you shave a minute or so off the time it takes you to connect, this isn’t a good sign for security.
First, unsecured networks are a more likely place for hackers to lurk, since they probably don’t want to leave any trace of their device or identity. Second, an unsecured network could be the work of a criminal themselves. Hackers have been known to set up their own networks, often under a name similar to that of the location. For example, they might name a network “Starbucks123,” duping you into thinking it’s a network provided by the popular coffee chain.
Remember, you can always ask. If you’re unsure which network you should be connecting to, whether at a hotel, cafe, or library, a member of staff will usually be able to help.
3. Only visit secure websites
Even if you’re connected to a secure network, it doesn’t mean your information is safe. It’s a good idea to try to only visit HTTPS websites if you can, as these sites use an encrypted protocol to transmit data.
An HTTPS site is usually fairly easy to spot .Aside from having “https” in the URL (instead of “http”), it should also have a padlock symbol in the address bar. Many popular sites, including Facebook and other social media sites, will bear this symbol.
Bear in mind, it’s common to come across fake versions of these sites, especially through phishing schemes. If you arrive at a site through an email or popup, ensure it’s the real deal.
Popular app HTTPS Everywhere can help by forcing you to connect to the HTTPS version of a site where available. This only partially solves the problem as not every site will have an HTTPS version, so you still need to do your own due diligence.
4. Avoid sending sensitive information
This probably falls under common sense, but sometimes we forget ourselves while on-the-go. Using online banking services or making purchases via credit card while connected to public wifi networks simply isn’t a good idea.
If there’s any risk that your information is being monitored, then you really don’t want to be disclosing this information. Aside from using it to make purchases themselves, a criminal can even go as far as stealing your identity with just a few key pieces of information.
If you absolutely need to disclose sensitive information while out and about, it’s a good idea to hop off the wifi network and use your regular cellular network. Paying for those few extra MB of data is probably worth it when you consider the alternatives.
5. Turn off your device’s wifi
Do you keep track of the wifi settings on all of your devices? With so many updates and new settings, it can be difficult. A common feature buried in many wifi settings menus is “automatically connect to familiar networks,” “ask to join networks,” or something similar. When enabled, if you’ve given permission to connect to a particular network in the past, your device will automatically connect to that network again every time it’s detected.
If you’re not keeping track, you could be connecting to networks even when you don’t intend to. There is a simple solution to avoid this unnecessary risk, and that’s to simply turn off wifi when you’re not using it. It might seem like a pain, but it usually only requires a few clicks to turn it back on again.
6. Turn off your device sharing settings
In a similar vein to the above tip, it’s a good idea to turn off any sharing settings you might have enabled by default. When you’re at home or in the office, it can be handy to automatically share to things like printers, scanners, and other computers that are part of the same network. However, a public wifi network is not to be trusted in the same manner.
For desktop users, you can adjust sharing settings in your Control Panel (Windows) or System Preferences (MacOS).
And don’t forget about Bluetooth too. Discovered vulnerabilities have proven that it’s best to keep this off when you don’t absolutely need it.
7. Use a VPN
A Virtual Private Network (VPN) can offer a huge boost to your internet security, no matter what network you’re connected to. However, it is especially useful when connected to public wifi networks.
A VPN will encrypt all of the traffic flowing to and from your device and tunnel it through an intermediary server. This means that even if traffic is intercepted, no one will be able to view its contents.
A VPN doesn’t just help with security. When traffic goes through the VPN server, your real user IP address is masked and replaced with a VPN IP address from a location of your choice. This means you can make it appear that you’re located somewhere else and access geo-restricted content such as that from streaming platforms like Netflix and Hulu.
Some VPNs come with automatic wifi protection. For example, NordVPN will automatically protect all wifi networks, while CyberGhost will give you the option to start the VPN when connected to familiar networks. For other providers, it’s just a simple case of turning the VPN on before your connect to the public wifi network.
8. Enable your firewall if appropriate
A firewall is an often forgotten line of defense against attacks. This acts as a barrier between your device and the internet. It basically closes all of your computer ports to prevent threats entering the system or your data leaving it.
Some operating systems, such as newer versions of Windows, come with a built-in firewall (which you may need to turn on), as does some antivirus software. You can even opt to add a firewall if you want, Comodo and TinyWall being a couple of free options.
9. Update your software with the latest version
This is another common sense tip but it’s worth a mention. One of the major reasons that software is updated on a regular basis is that developers are continually patching security holes and vulnerabilities.
As such, it just makes sense to always ensure your software is updated with the latest version. Plus, aside from being more secure, it will hopefully have better functionality and offer an improved user experience, too.