If you travel, work remotely, are a student, or prioritize staying connected, one of the first questions you probably ask upon going somewhere new is: “Do they have WiFi?”

Public Internet access can be both a blessing and a curse. It gives you the opportunity to stay plugged in while you’re on the go and away from your home or office.

But that unlimited access comes with specific risks. Public WiFi networks are among the least secured Internet connections, and where there is a weakness in a system, there are those willing to take advantage of it.

Cybercriminals prey on unprotected WiFi users with a full suite of techniques ranging from the mundane to the sophisticated. While the easiest way to stay safe while browsing is not to use public WiFi at all, this is not a realistic option for most people.

According to the 2017 Norton Cyber Security Insights Report, more than 978 million people – 44% of all consumers – were affected by cybercrime sometime during 2017. And while 70% of consumers believe that taking safeguards while using public WiFi networks is paramount to staying safe online, 66% revealed that they continue to use these “free” networks without employing proper security methods to protect themselves and their personal information.

How do Public WiFi Networks Work?

For places like restaurants and coffee houses, offering public WiFi networks is a brilliant marketing strategy. The longer customers stay at a Starbucks accessing the Internet, the more likely they are to order another menu item. Starbucks trades the low cost of having a wireless router and an Ethernet connection in exchange for additional organic business each day.

Formerly, many places would charge a fee for WiFi, but access has become so cheap that most have done away with that practice. Most public WiFi networks don’t ask for a password when users connect. No password means there are zero safeguards put in place to keep their information safe as they browse the Internet. Other places do have a password, but usually, have it posted somewhere in their establishment. That sort of security is thin at best.

How Hackers Abuse Public WiFi Networks

Inside the cybersecurity industry, there is a saying that there are three types of people in the world: those who have been hacked, those who will be hacked and those who are being hacked right now. 

The list of ways cybercriminals can target unprotected computers on public WiFi networks is long and shockingly simple.

One of the most dangerous is the “Man in the Middle” attack where a hacker mimics a legitimate WiFi network. For instance, a hacker might sit in a hotel lobby broadcasting a wireless network named “HILTON-LOBBY.” People using their smart devices and computers in the lobby could very easily believe that WiFi belongs to the hotel and connect. Once other devices are connected to the network, the hacker could do anything from examining files on the computer to swiping IDs and passwords to any website the person visits.

Other hacker tools are so easy all it takes is downloading an app and following a few simple steps or even a YouTube video detailing how to hack. A network analysis tool called Wireshark is generally used for investigating traffic on a business website but can be repurposed to capture packets of information on a public network, filter them for specific parameters and even inspect them in a readable format.

How to Stay Safe While using Public WiFi Networks

There are only two ways to stay 100% safe when dealing with public WiFi networks: use a Virtual Private Network (VPN) to hide your online activities or don’t use public WiFi networks at all.

Abstaining from using public WiFi networks is doable, but not very practical to most people who rely on their smart devices for everything from working remotely to getting directions to shopping online.

The other solution is far more workable. VPNs function by establishing a ‘tunnel’  between the user’s device and a VPN server in a different location. Instead of data being sent straight to the Internet, it is encrypted and sent via the ‘tunnel’ to the VPN server. Hackers can see that information, but they cannot penetrate the encryption. Once the data arrives at the VPN server, it is decrypted and sent on to the websites. VPNs also give users one of their many IP addresses, so even their location remains anonymous.

If you can’t afford or don’t want to trust a VPN with your Internet safety, there are other ways to stay safe while using public WiFi. In place of Internet abstinence, here are a few tips and tricks to keep you safe while using public WiFi networks.

Protect Your Data

If you are using public WiFi, avoid going to sites that require sensitive information. These include but are not limited to:

  • Banking websites
  • Credit card websites
  • Any of your email servers
  • Websites like Amazon that store your personal and financial information

Cybercriminals feast on your financial and personal identification data. They can use these to make purchases with stolen credit card and bank account information, and create false identities using your information. Some of these crimes are discovered right away, some may never be discovered because they occur in other countries. Many people believe that having virus protection on computers or other Internet-capable devices keeps them safe at all times, but this isn’t applicable when using public WiFi. The best comparison would be writing down your personal information on a piece of paper and leaving it on a table at a crowded restaurant. Most people probably wouldn’t use it to their advantage, but you have to assume at least one person would, and that’s all it takes.

Confirm the WiFi Network

One of the hackers’ best tricks is to sit in a public place and create a hotspot with a name designed to trick users such as “Hotel-Lobby” or “Airport Terminal.” When users connect to those networks, all of their data is sent to the hacker’s computer before it heads to the Internet and on its way back to the user’s computer. Combat this sort of cybercrime by asking an employee of the location you’re at what the name of official WiFi network is.

Always update your Virus and Malware Protection

First of all, make sure you have both virus and malware protection installed on any computer or Internet-enabled device you own, especially those you plan on using in a public environment. Some companies are great about sending you updates when there is a new patch or version to download; others expect you to do that on your own.

Make a schedule to check for updates on both security platforms, once a month is a good number, to ensure that you aren’t missing out on any critical components. Plenty of hackers are not content to merely steal your information while you’re connected to a public WiFi network. They’ll install malware on your computer to track your future financial movements as well or install a virus to ruin your system. Another favorite tactic for this type of cybercriminal is to install ransomware on your device.

Ransomware is like a time bomb. It goes off after a certain amount of time passes and freezes up all data and applications on your device. You’ll get a message claiming the only way to get your data back is to pay a ransom – usually in cryptocurrency – to a specific account. Even if you pay the amount, there’s no guarantee you’ll get your data back.


About the Author

Nikki is a CERTIFIED FINANCIAL PLANNER™ professional, and active stock market investor. She is the founder of She Talks Finance, a personal finance initiative for women. She also specializes in helping traders and investors improve their mental game.