Public WiFi, also known as a public “hotspot”, is a physical location where you can obtain internet access using WiFi technology via a wireless local area network (WLAN) using a router connected to an internet service provider. While this seems great to everyone who does not want to waste their mobile data, public WiFi is actually the easiest spot for others to see your information. When you connect to a WiFi network, you are sending your own personal information through websites or mobile apps, and it’s really simple for hackers to intercept and damage your information. (It’s so simple, even a seven-year-old can do it). To show you why you need to STOP USING public WiFi, we list 10 ways you can easily be hacked while using public WiFi. Encryption is the key to keeping your personal information secure online. It essentially scrambles the information you send over the internet, turning it into a code in order to avoid it being accessed by unwanted third parties. An encrypted website protects the information you send to and from that site only. A secure wireless network encrypts all the information you send, using that same network. Sending your information to sites that are not fully encrypted, and using mobile apps that require personal or financial information, is a very risky game that you do not want to play. If you use an unsecured network to log in to an unencrypted site – other users using that network can see what you see. Most WiFi hotspots do not encrypt the information you send over the internet and, therefore, are not safe. In fact, if a network doesn’t require a WPA or WPA2 password, it’s probably not secure. This will be the case for most public hotspots. Given all of the advancements in information technology and increasingly efficient methods of hacking, simple user errors are one of the most common threats on public WiFi networks. There is no way to guarantee that the business owners or employees who set up the network have taken every measure to ensure data protection. It’s not uncommon for employees to simply leave the default user and password on a WiFi router, making the network ridiculously easy to access. One of the most common threats on public networks is called a Man in the Middle (MitM) attack. Essentially, a MitM attack is kind of like eavesdropping. When a computer or phone connects to the internet, data is sent from that device to a service or website. That’s when various vulnerabilities can allow a third party to get in the middle of these transmissions and see them all. Nowadays, with new hacking tools available online for free, hacking public networks is simple, even for users with limited technical know-how. In fact, creating a MitM attack on a public WiFi is so easy, that just to stress that point - HMA ran an experiment during which a 7-year-old girl was able to successfully hack a public network, using only her laptop and some google tutorials. The entire process took the young child less than 11 minutes, at the end of which she was able to steal information right out of other computers connected to the same WiFi network. Thanks to security holes and weakness found in operating systems and software programs, attackers can slip malware into your computer without you even knowing about it. Exploit these vulnerabilities is quite easy, by writing code to target a specific vulnerability, then injecting the malware onto your device. If you’ve never had a malware attack, let’s just say you don’t want to put yourself at risk for one.
WiFi snooping and sniffing is exactly what it sounds like. Using special software kits and devices that can be purchased online, cyber criminals can easily eavesdrop on WiFi signals. This technique allows the attackers to access everything you do online — entire webpages you’ve visited and any information typed into them, your login credentials for any online account etc, enabling them to use your virtual identity as they please. Think of when you log into your bank account. The hacker can see your username, password, and all of your bank account information, which he can use later on to log in himself and steal your money. Rogue access points trick victims into connecting to what appears to be a legitimate network, using a benign-sounding name, such as a name of a business or a hotel you are staying it. As anyone setting up a network can name it whatever they want, you may search and connect to a WiFi network called “Joe’s Cafe”, when the official, legitimate network is actually “Joe’s Coffee”. You will never know the difference and may fall head first into a hacker’s trap. And voila! You’ve just connected to a rogue hotspot set up by cyber criminals who can now see everything you do. Packet analyzers, also known as packet sniffers, are relatively small computer programs that can monitor the traffic on a network. They can even intercept some data packages, and provide info about the contents found within them. At best, these programs can be used in a harmless way, merely for collecting data about traffic. At worst, however, they can also be yet another loophole through which hackers can slither in to see your info. An evil twin is very similar to a rogue or malicious access point, only far more sophisticated in masking its purpose. Evil twins are created to look and act just like a legitimate access point. Hackers can actually clone an AP you know and trust, creating an identical one. Once you’ve connected through the twin, it will proceed to send your info to the hacker. Public WiFi networks are especially vulnerable to these types of attacks. Ad hocs are P2P networks, connecting two computers directly. They normally use the same channels as wireless connections. When using a public WiFi network, your computer will most likely be set to discover new networks. This way, hackers can connect directly to your phone or computer if they are within range, as the channels are open to new connections. It’s enough for one end of the WiFi network to allow ad hoc connections to give hackers access to the entire network. Worms are very much like traditional computer viruses, but they differ in one key aspect: computer viruses require a program to attach to, in order to work. Worms can actually propagate on their own. When connected to a public WiFi network, without the proper security in place, a worm can squirm into your computer from another device that’s connected to the same network you are using, causing a big ol’ mess on your device. Without a good VPN to protect our information when going online, we are all just sitting ducks, waiting to be taken advantage of. So, next time you’re sitting in your hotel lobby and feel like playing a spritely online game with your buddies back home - don’t. Or, if you must, do yourself a favor and install a proper VPN before you do. The information above can be used to track you, target you for ads, and monitor what you do online.
VPNs can help you hide this information from websites so that you are protected at all times. We recommend ExpressVPN — the #1 VPN out of over 350 providers we've tested. It has military-grade encryption and privacy features that will ensure your digital security, plus — it's currently offering 49% off.
Visit ExpressVPN