Security

So You Like to Use Free Public Wifi? How Safe are You, Really?

Free WiFi is cool. It’s free, for a start, it’s usually faster than your mobile phone internet service, and it saves data usage from your monthly or prepaid plan. It’s safe to say we all love free WiFi.

The problem is that hackers love it even more because it’s a picnic for them. When you do use a public WiFi service you’re broadcasting all you’re doing to the public, so to speak, so if you make any operation that involves sensitive information such as banking details, social security number, and things of the sort, you’re risking to have your identity get stolen or your bank account emptied.

Use Free Public Wifi

Data from three years ago shows that 21% of Americans had their emails hacked, and 12% had their banking information stolen while shopping online.

So yes, free WiFi is convenient for sure, but it’s also a “gift” that must be used very carefully. Let us tell you what the most common kinds of tricks hackers use on free WiFi users are and how to make sure you and your data stay safe.

Man-in-the-middle attack

In this type of attack, a hacker intercepts the data your computer or device is exchanging with the WiFi provider. It’s the digital equivalent of overhearing somebody else’s conversation. This is particularly dangerous if you are performing financial transactions in which your financial information shows, like when you’re connected to your bank’s web service.

Protecting yourself against this kind of attack is actually quite simple, just take three preventive measures. First, every time you need to engage in any type of internet activity that requires the use of very personal, private or delicate information, do it from home from an ethernet wired connection, don’t take any risks (yes your home WiFi can be hacked as well).

Second, get a quality VPN, install it and use it. Third, if you really have to do this on a free WiFi and you don’t have Hotspot Shield then make sure the website is secure. You can tell because the web address starts with https instead of HTTP.

Fake connections

You can set up a computer to be a WiFi hotspot. In this way, hackers can just make their own computer look like the free WiFi service, have you connect to their network and then just grab and save all your internet activity as long as you are online.

You can deal with this by knowing well your usual WiFi hotspots. Make sure you know the names of the legitimate networks and that you always connect your devices to the correct one. Remember “Free WiFi” is a suspicious name for a free WiFi hotspot.

Packet Sniffing

Packets are the standard way in which information is cast around the internet and WiFi hotspots. Packet sniffing is not as funny as the name sounds to laymen. This is the kind of attack in which a hacker will make a computer “listen” to the packets that are in the public WiFi signal, store them and then analyze them at will.

If your connection is not encrypted, this kind of attack can find anything and everything you did during your session. Preventive measures against packet sniffing are to make sure to use only secure (https) websites and not to send personal information of any kind through the public wireless network.

Session Hijacking

Packet sniffing is, for a hacker, like listening to a record. Hijacking a session is attending a live concert. It’s the same kind of attack except that the hacker will not wait to go home to see what he can find from the packets he recorded from your session but rather will use the very information you are broadcasting right then and there to make the websites you’re visiting “think” that he is you. Then he’ll take it from there. The solution here, again, is to use only https websites.

Shoulder-surfing

This technique is so simple it seems trivial, but it works. A hacker will just look over your shoulder to see what your username and passwords are as you type them or see what your PIN is as you use an ATM.

If this seems too low tech for you to be worried keep in mind that one of the world’s most famous hackers, Kevin Mitnick, described, in his books, his most effective hacks as “social engineering” meaning that low tech hacking works very well. Be vigilant, be careful and look over your own shoulder.

If you think this could never happen to you, think twice. It’s happened to one out of every five Americans every year. Hackers are smart and committed so you should be careful. The good news for you is that a little caution and prudence can go a very long way in dealing with them.

Ali Qamar
the authorAli Qamar
Editor
Ali is an Internet security and tech enthusiast who enjoys "deep" research to dig out modern discoveries in the tech and security industry. Before turning to tech and security, he worked in marketing and management sector. He is passionate about sharing the knowledge with people and always try to give only the best.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.