Public Wi-Fi: Is it a Trick or Treat?

It may seem like a treat when you sit down at a local coffee shop, or lay down on the bed at a fancy hotel after a long day of traveling to see “Free Wi-Fi” pop up on your tablet, laptop or smartphone.  Especially when there is no password required.  On the contrary, it could be a trick and a decision that shouldn’t be made hastily.

The moment you connect to a public Wi-Fi network, you make yourself vulnerable to a hacker.  The service provider is not responsible for what happens on their network.  Most businesses, schools, churches, libraries and even some cities provide public Wi-Fi.  Companies that do not use passwords or high security standards are not out there to put you at risk, but instead to ensure compatibility between the majority of communication devices.

A situation may arise when someone sitting across from you at a coffee shop is getting ready to hack into your device where they can obtain one or all of your many usernames and passwords.  Once the hacker obtains your information, they leave without you even knowing what information they have just stolen from your device.  There is no window or alerts that pop up warning you that someone stole your credit card information.  It’s not until you get the credit card bill you notice your information was compromised.  Still at that time, you probably don’t remember or even think it could have been when you stopped to get a latte.

Connecting to public Wi-Fi allows anyone with certain (typically free) software to be able to see what you are doing.  Keep in mind even if you connect to a Wi-Fi network with a password, it doesn’t stop other devices from attempting to connect to your communication device.  If you do something on public Wi-Fi, it can never be considered private.  Two common ways even a novice hacker attempts to crack your password is by using brute force or dictionary attack techniques.  Brute force uses every letter, number and special character in a million, even a billion different ways.  Dictionary attack tries words from a dictionary to attempt to gain access.

If there is a critical need to access public Wi-Fi, limit usage to general browsing of the web.  Avoid the following:

  • Internet shopping.  It can be dangerous; hackers can obtain your personal financial account information.
  • Logging into Facebook, Twitter, etc.; hackers can potentially steal your usernames and passwords within seconds, and change your profile and upload negative posts.
  • Refrain from checking your email accounts.  You wouldn’t want someone to be able to change your password and send emails out acting as you.
  • Logging into online banking, credit cards or other important financial web tools.

When connecting to a public Wi-Fi network it’s important to remember to take personal responsibility.  The following are tips that can help you be aware of public Wi-Fi risks:

  1. Turn off your devices’ Wi-Fi if you are not at home or work.  Your device can actually automatically connect to a Wi-Fi network without your knowledge.  Turn off the Bluetooth feature.
  2. Use strong, long passwords to help lock unwanted users out.  Try to use a special character and avoid using words from the dictionary.
  3. Make sure your computer/device has the latest security patches.  Having anti-virus on your computer is pointless unless it is up-to-date.  Please note that even having security software doesn’t guarantee it will catch all malicious activity.
  4. Log onto secure sites with https when possible instead of http.
    Example:  The website provider is supplying an added layer of security.
  5. Anytime you are at a location that DOESN’T advertise public Wi-Fi and your device detects a hotspot with the location’s name, it’s likely a fake.  Do not connect for any reason.
  6. When you are at home your device may be enabled to share music, files, folders or printers.  When traveling be sure to disable sharing on your device.
  7. If you log into your company’s system while connected to public Wi-Fi and someone gets a hold of your username and password, you are not only putting yourself at risk, but your company too.

Connecting to a public Wi-Fi isn’t just a security risk, it’s a privacy risk too.  Department stores are now installing sensors that scan for smartphones with Wi-Fi capabilities turned on.  The sensors make note of your device’s MAC address (like a unique serial number for your phone).  They track how often you come to the store, when you leave, all the way to where in the store you spent the most time, usually without letting the customer know they are being tracked. Department stores claim they use this information for marketing purposes.  In this case it is not the hackers you should be worried about, but stores that are “watching you.”

When you access public Wi-Fi you should assume that someone may be watching every move you make.  Try not to be lured into believing that utilizing public Wi-Fi is a treat.  It’s not.

Alternatives you might want to look into: most cellular companies sell Wi-Fi hot spot devices you can take with you; your own little network that you can password protect (data fees apply).  Some phones can “tether” your data, which means you can use the data from your cell phone and provide internet access to your laptop or other device.  Remember you get what you pay for.  Paying a little bit more for a private secured data network goes a long way in the attempt to protect your privacy.  Never compromise convenience for security and privacy.  The real treat is keeping your data safe.

While these are recommended security measures, it is important to always consult your IT professional or refer to your company’s technology policies.