The Biggest Security Risks With Public Wi-Fi

The Biggest Security Risks With Public Wi-Fi

Public Wi-Fi is a game-changer for those who are constantly on the move, providing major convenience for frequent travelers and digital nomads who need access to the web while on the go. However, due to its lack of security, public Wi-Fi can leave users vulnerable to hacking and data interception if precautions aren't taken.

Mistake #1: Not Verifying the Network Before Connecting

"Don't assume the network you're connecting to is the correct network," warns Craig Taylor, CEO and co-founder of CyberHoot, a cybersecurity training platform that educates individuals on protecting themselves from online threats. He suggests double-checking with the owner of the network that the Wi-Fi name matches the official SSID, or service set identifier, which refers to the network name, before connecting.

"Hackers will set up enticingly named fake networks. At a Starbucks coffee shop, they might call it 'FreeStarbucksWiFi' to intercept and manipulate unencrypted data in transit," Taylor said. This tactic, known as an evil twin attack, involves cybercriminals creating a lookalike network to trick users into connecting, allowing them to capture sensitive data like email logins and banking credentials.

Mistake #2: Not Checking for a Sign-in Screen

A key but often overlooked sign of a legitimate network is the presence of a sign-in or authentication page before you gain access, Taylor said. These pages act as a basic security measure, preventing devices from automatically connecting without user approval.

"Rogue APs or Wi-Fi networks skip steps like this, hoping your phone will auto-connect and start communicating with online accounts through apps that don’t use encrypted communications," Taylor explained. This leaves the door wide open for hackers to intercept your data and potentially steal your login credentials.

Mistake #3: Leaving Bluetooth and AirDrop on

It’s easy to forget to turn off Bluetooth and AirDrop when you’re not using them, but any file-sharing capabilities should be disabled whenever you’re on public Wi-Fi. “Nearby fraudsters can easily detect and connect to your device via Bluetooth or AirDrop, giving them access to your personal data or even infecting your device with malware,” said Brittany Allen, senior trust and safety architect at Sift, an AI-powered fraud detection platform.

She adds that it only takes one click on a link to install malware on your device. “If you connect to an unknown network and are then prompted to download a file called ‘Network Access Instructions,’ think twice before doing so,” she said. “Even the simple act of downloading a PDF can introduce malware to your device, and this can happen automatically if it’s sent to you via AirDrop.”

Mistake #4: Enabling Autofill on Public Networks

Since many of us allow our browsers to autofill sensitive information like passwords, credit card numbers, names and addresses for the sake of convenience, a fraudster who gains access to the network can easily exploit this. “While these tips can help protect you, it’s ultimately much safer to assume that all public WiFi networks are not secure and treat them as such,” says Allen.

Using Tools to Ensure Security

The best way to be safe is to use tools like VPNs to ensure the data you send over the public Wi-Fi network is secure and encrypted. Consider using a password manager, which generates and stores strong, unique passwords for every site.

You can also check your recent login activity on frequently used apps, such as your Google account, or take advantage of built-in security notifications and tools like Have I Been Pwned to detect potential issues.