Free Wireless Internet Hotspots are a Massive Wi-Fi Security Risk
Hotspots or public wireless networks are becoming pervasive, available in almost all cafés, airports, restaurants and bars. While offering convenience, you must appreciate the risks of WiFi hotspots because you are sharing an unknown network with an unknown number of strangers, some of whom could be hackers.
The WiFi security risks of using hotspots fall into two broad categories: spoofing/phishing and sniffing.
Beware of Spoofing and Phishing
Although it sounds obvious, you should make sure that you are connected to the actual hotspot (!) rather than a decoy, fake or spoofed site. For example, there are apps that allow a hacker sitting nearby to make you think you are logging on to a legitimate site (for example, the login page for the hotspot or for a popular webmail, social media or shopping site) when, in fact, you are entering your username and passphrase into a fake portal.
The spoofing app enables the hacker to create a replica of the legitimate login page and fool you (phish you) into providing the hacker with your username and passphrase, sometimes even your credit card details.
To make sure that you are on the correct sign-in page look carefully at the URL in your browser bar. Remember my earlier examples about phishing tricks such as posing www.cogipas.com as www.c0gipas.com. In addition, most legitimate sign-in pages will be through a secure connection, so look for the https (note the ‘s’) at the start of the URL and a lock icon displayed in your browser bar (see screenshot).
Beware of Sniffing
There are other apps that hackers and snoops use called sniffers which capture data over unsecured networks. When using an unsecured wireless network, adversaries can capture all the traffic you send over the Internet including your emails and passphrases or any other data, such as credit card information, you are transmitting. This is one reason you should never do any online shopping or access any sites requiring your usernames/passwords over an unsecure public hotspot.
To help safeguard your WiFi security and protect yourself, use only verified https connections (again, note the ‘s’) as this means the data sent to and from your device is encrypted. This way, even if the data is intercepted by a hacker or snoop, it will be completely unintelligible to them.
Always trust your instincts and have a look around to make sure that you do not have any overly curious neighbors sitting close to you. That said, adversaries employing sniffing methods do not have to be in your immediate vicinity and could even be sitting in a car parked outside.
Top Tip – When using a device in a public place without needing access to the Internet, turn off your device’s wireless connection. For example, on most laptop computers a quick key press will disable your wireless networking. Similarly, most tablets and smartphones can quickly be put in airplane or flight mode. Why leave your device unnecessarily open for attack?
Safeguarding your WiFi Security when Using Hotspots
For solid protection specifically tailored for using public hotspots, you can use a free (but ad-based) tool such as Hotspot Shield. It is an immensely popular app (200+ million downloads) which encrypts your web browsing activities end-to-end, making it ideal for protection when using public WiFi hotspots. The ads on the free version are a little annoying and perhaps represent a privacy risk, but the price is right.
You should only use such a tool for your everyday web browsing on WiFi hotspots. Do NOT be tempted to use it for any sensitive online activities, such as torrent file-sharing or browsing websites you would rather keep private.
- read more in our post ‘When Using a Free VPN is a Bad Idea‘
You can also fully protect yourself when using WiFi hotspots by using something called a virtual private network (or VPN for short). A VPN ensures that your entire Internet connection is secure, not only when web browsing but for everything you do online including torrent file-sharing and even Usenet.
A VPN creates an encrypted tunnel of all your Internet traffic, no matter where you are, fully protecting you from the risks above. It also gives you an anonymous IP address which prevents other online risks such as online tracking and profiling.
As VPNs are a key tool for protecting your online security and privacy, many posts on this website are dedicated to the topic.
- search for VPN-related posts on Cogipas.com
- How to Choose the Best VPN for You
- Anonymous Web Browsing Using a VPN (Virtual Private Network)
- Home Network Security Guide