When you connect to a public Wi-Fi hotspot with your laptop, tablet, or phone, you are at risk of potentially revealing information to a hacker.
You may not believe you have anything of importance on your device. But once they gain access a hacker can quickly learn your name, what you look like, where you live, where you shop and work, and the names and addresses of colleagues, friends, and family.
Neat Trick: Hijacking a Public Wi-Fi Hotspot
This is typical: a hacker will replicate a public Wi-Fi hotspot address. Or, they’ll broadcast a popular hotspot name (such as Starbucks). Then what happens? Devices that were previously logged into a hotspot with that name will now automatically connect into the hacker’s hotspot. For example, that could be dozens of people at a coffee shop, or hundreds of people at an airport. At that point the hacker can then see the name of each device logged in. Unless a user has taken precautions, the hacker can determine the types of connected devices, and the operating systems in use.
Why is this a problem? Because anyone who has not kept their device up-to-date with system or operating system updates very likely has an exploitable security hole that has not been patched.
Taking advantage of such a hole, the hacker can see – in real time:
- websites being accessed
- e-mail being read and sent
- files being synchronized
- apps being used
- the list goes on
If you log into a bank account or webmail from a public Wi-Fi hotspot, your login ID and password can be stolen on the spot. Worse, a malicious hacker can employ DNS spoofing to redirect you from a trusted site, such as Facebook or your bank, to a fake site that looks just like the real site.
And then when you enter your login information for that site, the hacker now has control of your account.
Keep Safe: Say “No” to Public Wi-Fi
Experts say the best way to stay protected from hacking and identity theft is to simply never use public Wi-Fi hotspots.
While this is a good common-sense approach to safety, it can also be unrealistic. There are times when you really need to communicate or get work done through an internet connection and you’re away from your home or work.
So What Should You Do?
If you need to access the Web, instead of public Wi-Fi use your cellular service for web access. If you do use your cell phone, get your data services directly through your 3G or 4G service.
For your tablet or laptop, either:
- make use of tethering (using your cell phone as a private hotspot), or
- purchase a private mobile hotspot from your cellular provider.
Tethering usually incurs an extra monthly cost, and adding a mobile hotspot can cost as much as adding a phone to your cellular account. But both options are safer and far more protected than using a public Wi-Fi hotspot. If you do use a private mobile hotspot, turn off broadcasting of the Wi-Fi network name as a further precaution. And of course create a unique password at least 8 characters in length.
If You Have to Use Public Wi-Fi…
When using public Wi-Fi is your best or only choice, we highly recommend using a VPN (virtual private network) provider, which sets up an encrypted tunnel to a trusted server.
While there are a variety of VPN providers and services, we like to use OpenVPN, which is free and has software for Windows, OSX (Mac), iOS (iPhone and iPad), and Android.
With a VPN enabled, any web traffic on your device is protected from prying eyes. You’ll know when you’re on a protected site because the Web address starts with “https” – the “s” at the end means “secure.”
Stay Safe
Remember, insecure data can put your business at risk. Insecure personal information can put your family at risk. Protect them both.
Check out Tips for Using Public Wi-Fi Networks on the federal government’s OnGuardOnline.gov website for more information.
For some real-life examples of how hackers can learn all about you when they hijack public Wi-Fi, check out What we give away when we log on to a public Wi-Fi network . Thanks to Ridgewood, NJ-based Bergen county realtor Lisa Sammataro for sending us this article.
If you have any questions, Bergen IT can help. Please drop us a line at solutions@bergenit.net.
Bergen IT is a client-centered, comprehensive tech support and strategy company for businesses, professionals, and homeowners. The company services customers in the NJ and New York City metropolitan area, including northern New Jersey (Bergen, Essex, Hudson, Morris, and Passaic, NJ), Manhattan and the Bronx, Rockland and Westchester, and can remotely assist clients across the USA.
Bergen IT provides computer, mobile device, audio, TV, and home-theater services. Its focus is on providing personal attention, reasonable rates and top-notch expertise. For more information, go to: www.bergenit.net.