Safety at Public WiFi Hotspots
Using your Laptop or Mobile device at a public wireless or WiFi location involves some risk. Understanding the risks of public WiFi will help prevent your information from being stolen.
How Secure are Wireless Hotspots?
Almost all wireless (WiFi) hotspots are unsecure and there is no guarantee that your information is private and secure while using them. Like talking on a public payphone, you must assume that someone could hear your conversation.
For WiFi, you must assume that every website you visit, everyone you message, and any emails you send or receive could be viewed by someone else in that unsecured area.
What are the Biggest Risks of Public WiFi Hotspots?
There are a couple of serious risks with wireless hotspots:
- Packet Sniffing is where someone can set up a software program on their computer to monitor network traffic and record passing information, much like a telephone bug. These packets can later be decoded to discover passwords and personal information.
- Wireless Phishing involves tricking you into thinking the network you are logging into is legitimate. A login page is presented, you are asked some information, possibly a credit card number, and then you are logged into the illegitimate network but strangely, you cannot access your email or websites. These are harder to detect as they may appear as the real network, so be sure to ask of the name of the wireless network when accessing wireless internet in a coffee shop, hotel, or anywhere else.
Reducing Your Risks at Public Hotspots
By taking a few extra minutes during your wireless access, you may greatly reduce the risk to having information stolen. We recommend the following tips:
- Confirm with the front desk, information booth, or someone working at the facility what the exact name of the WiFi network is and then look for this exact network when you turn on your wireless. If there is some uncertainty as several similar names exist, re-confirm the correct network name with the local provider of the service to avoid 'fake' networks with very similar names that sometimes exist.
- If you must conduct online banking or purchases, then make sure that the site is using encryption to transmit your data. This is usually indicated by a padlock or a key on your browser or by a web address with https: (the 's' is for 'secure'). If you cannot use a website securely then do not proceed with logining in or using passwords or banking information.
- Many businesses offer their employees a VPN connection when they are travelling. If you have VPN access setup on your device then use it.
- Emails and instant messaging are almost always sent and received unencrypted, so do not transmit information that is sensitive. Your email provider may provide an option for secure email receiving and sending (usually labelled SSL, TLS, or STARTTLS).
- People can often see what you are writing or entering. Try to use a spot with your back to a wall to increase privacy and be aware of 'shoulder surfers'.
- Disable your wireless if you do not need it. This increases your protection against someone getting to your information or hacking into your device without your knowledge.
- Always manually select your network once the network list appears and never allow an automatic connection.
- Turn off any file sharing that you might have. Someone could attempt to connect to your computer and read or delete files if security protocols have not been set up correctly.
- Make sure you are running an up-to-date virus checking software and always ensure a firewall is active to reduce the risks infection and intruders.
- Some wireless networks do need a login password, but if the password is commonly known or easily obtainable (e.g., on a paper next to the cashier) then treat the network at the same level of security as an open one with no password.
Wireless or WiFi hotspots are everywhere and very convenient to travellers like yourself. By having up-to-date virus software and a firewall, taking a few extra minutes to verify the network and think about what might be seen by others will allow you to feel more secure when using these networks.
Written by Steve Romaine