Today free public WiFi hotspots are available almost everywhere; at airports, hotels, city parks, and cafes. You can connect to the Internet any time – many companies promote free WiFi as one of their competitive advantages.
The ubiquity of the Internet comes in handy to travelers and business people, as they can stay in touch with their families and colleagues, exchange emails, and share important documents from every corner of the world. However, using open WiFi that is not protected with a password can be pretty risky, and our mission is to clue you in on the possible consequences.
The Risks of Using Public WiFi Networks
Approximately 25% of open WiFi hotspots in the world are not protected by any kind of encryption. If you want to take the protection of your personal data seriously, it’s better to avoid connecting to networks that are not encrypted and learn about the potential threats. What are the main dangers you may encounter?
Theft of Personal Information
Hackers are not above getting their hands on your login credentials, private photos, financial info, etc. When you connect to free open networks, stealing your digital property is a piece of cake.
Once a computer trespasser gets access to your personal devices through a compromised public network, they can do anything with the information you store in there: sell it, use it to log in to your social network pages, and then blackmail you, and do many other nasty things.
Man-in-the-middle Attacks (MITM)
This type of attack happens when a third person tries to capture your data transmitted between two hotspots. To pull this scheme, hackers intercept an unencrypted user request for access to a website and then redirect the user to a phishing page that looks similar to the original one.
Let’s imagine a situation where you asked Alexa to access your email inbox. A hacker, who managed to hijack control over the connection between the Alexa device and your email provider, could redirect Alexa to a fake website and request filling in some confidential information that from now on will be in a hacker’s possession.
So, MITM attacks are usually launched to make users share their sensitive information on a scam website, but they can also be used for interception of private phone calls.
WiFi Eavesdropping
WiFi eavesdropping is a widespread tactic used by MITM attackers. An “evil twin” is one of the most popular equivalents of the phishing scam that takes place when hackers trick you into connecting to their WiFi network by using the name of a well-known legitimate service. For example, you sit in a cafe and notice two available WiFi networks with similar names: “Cafe” and “Cafe1.” There is a strong chance that one of these networks is operated by phishers.
Packet Analyzing and Cookie Theft
When connected to the same network as you are, an online fraudster can view the files you send or receive using a packet sniffer. This tool also enables scammers to steal and mimic your cookies so that they can access sites you visited and perform malicious actions.
How Can You Protect Yourself Against MITM Attacks?
- Avoid connecting to open networks that are not password-protected.
- Disable automatic connection to public WiFi networks on your device.
- Don’t share private information or materials through unencrypted networks and always try to use secure messengers.
- Make use of two-factor identification (2FA) when possible.
- Visit secure websites that work through HTTPS protocol.
- Use a VPN service when accessing financial or confidential details.
Final Thoughts
Modern people get used to thinking that having access to the worldwide web at any moment is a huge technological advantage, but they sometimes forget that free cheese is usually found in a mousetrap. Stay safe and take care of your data!