How To Avoid Public Wi-Fi Dangers

  • MORE

Public Wi-Fi is ubiquitous now. Nearly every coffee shop, fast food restaurant, and airport offers it. It’s even hard to find a public park without Wi-Fi. But with that convenience comes risk. There are several ways you could be the target of an attack via public Wi-Fi.

The first is called a Man-in-the-Middle attack. This is when someone collects login information or other personal data as it is passed between your computer and access points. A hacker can then go back later and log in as you or use your information, such as credit card numbers.

Similarly, someone might set up what’s known as an Evil Twin. This is an access point that provides free public Wi-Fi but is also collecting all your personal information while you use it. The network name might be very similar to the network the store offers and could even use the same password. The perpetrator might even position the Evil Twin access point closer to where people are using computers so that the signal is stronger than the legitimate network. Stronger networks will show up on your computer at the top of the list of available networks.

Less common now, but a growing threat, are Wi-Fi viruses. These are spread via the Wi-Fi network and, like a regular computer virus, can cause any manner of destruction.

Eight things you can do to avoid public Wi-Fi threats

  1. Know what network you’re connecting to: If there are a number of networks available, ask an employee which one the business operates. Do not connect to another network even if it offers a better connection or faster speed.
  2. Connect only to password-protected networks: Using a WPA or WPA2 connection (one that needs a password) may offer only a little bit of protection, but it’s better than nothing.
  3. Use HTTP Secure connections when available: HTTP Secure (characterized by the URL starting with https://) adds a layer of encryption between you and the website, making your actions unreadable by someone in between. Many popular sites such as Amazon and Gmail turn this on by default. Other services, including Facebook and Twitter, have https as an option under your settings. The Electronic Frontier Foundation in conjunction with The Tor Project have created a Firefox extension called HTTPS Everywhere. When active, the extension will check to see if the URL you are requesting is available via HTTP Secure first.
  4. Run an antivirus program: Not running an antivirus program is just asking for trouble. Don’t forget to keep your antivirus software updated, too.
  5. Use a firewall: Windows 7 has a good built-in firewall that prevents unauthorized programs from accessing your PC, and many antivirus suites also include a firewall program.
  6. Do not use public Wi-Fi for sensitive material: Wait until you are on a secure network to make online purchases, manage your finances, or any other activity that requires you to type in information you want to keep private.
  7. Vary your usernames and passwords: Do not use a single password for everything. If someone does get your information for one website, you don’t want them to have your information for every website.
  8. Be aware of your surroundings: Don’t forget that in a public place anyone who can see your keyboard can watch what you type. If you are using a public computer, always remember to log off of all services you were using before walking away. This includes Windows.

Bottom Line

The key to safe computing on public Wi-Fi comes down to a mixture of common sense and vigilance. Always be aware of what you are connecting to and what you are doing over that connection. Don’t expose usernames, passwords or other personal information if it can wait until you are on a private network.

Recommended by Outbrain
Add a comment
1 comment
  • Ken Klein Says:

    The only true protection for public wifi is to use a VPN service. This will encrypt all traffic to/from your computer while connected. Most personal VPN services start at around 5 dollars a month. Using them just involves clicking an icon. Once started all traffic from your computer runs over an encrypted tunnel to the VPN provider, thus preventing snooping anywhere in between.

    Another option is to use a secure session service such as the one offered by IronKey on their USB thumb drives. The downside to this is it only encrypts the traffic from the browser itself. If your email is sending/receiving in the background someone could still snoop your email password. The most likely snoop will be someone using Firesheep or FaceNiff, which focuses mainly on web browser cookies for people on facebook or other popular websites.

    Ken Klein

Back to top