We all know “that guy” at your local Starbucks. The one you see every day set up with what basically amounts to a home office in the corner of the store, complete with two laptops, a tablet, and maybe even an extra phone or two.
We automatically assume he must be a regular, some kind of high-powered work-from-home businessman - but that’s not always the case. Your regular down at the world’s favorite coffee spot might actually be more than meets the eye.
Public WiFi has become the new hotspot (no pun intended) for hackers to steal the sensitive information of thousands of people at a time right from your laptop, all while everyone around you just thinks you’re writing another screenplay or coding the next big app.
But why would Starbucks be the biggest target of all? Surely as the biggest, they can also afford the best security right?
Public WiFi: An Analogy
Starbucks is practically known at this point for offering free WiFi to anyone who might be passing by.
Like a Subway shop that pumps the smell of baked bread out onto the sidewalks, the stores actually depend on that open internet connection to bring in business - which obviously has worked to the tune of several billion in revenue per year. But, as the most popular coffee chain out there, Starbucks also attracts the most attention when it comes to public WiFi hackers taking advantage of the company’s free WiFi policy.
Some of the older readers here might remember Apple’s first big ad campaign for using Macbooks over PCs back in the early-aughts, called “Mac vs. PC”. Though there were dozens released, most inevitably boiled down to one argument: PCs get viruses, Macs don’t.
Now what most people may not know, however, is that this wasn’t because Macs were inherently any more secure than PCs, and in fact are just as vulnerable to an attack today as PCs were back then. It all boiled down to user numbers; at the time the number of people using Macs was so small that it simply wasn’t profitable for virus makers or hackers to target the operating system, because they wouldn’t be able to get enough revenue off the small number of credit cards they’d eventually collect.
The same principle applies to public WiFi hotspots at Starbucks. Think of Starbucks as a PC in the 2000’s, and your local coffee shop as a Mac. Sure, the hackers could wait around all day at a small cafe and hope that enough people enter their credit card information while they’re browsing at the hotspot...or they can just set up for Starbucks for an hour and watch the new devices pour in by the hundreds.
While there are no confirmed reports that Starbucks hotspots are any more or less vulnerable to attacks than other cafes - from a purely security-based standpoint - is still up for speculation. But as a numbers game alone, it’s obvious that hackers would target that particular company over anywhere else.
How Does it Work?
There are a number of ways that hackers like to exploit public WiFi hotspots at Starbucks. The most popular is what’s known as a “man-in-the-middle” attack, where the hacker sets up a program designed to scan traffic going between your device and the rest of the internet, sniffing its way around for anything that even resembles a credit card number. Other data a MiTM attack might look for includes sensitive identifying information or logins, like your online banking credentials, home address, phone number, or even your social security number.
But how would a hacker actually get themselves “in the middle”? Well, there are a few ways to get this done, none of which are all that complicated to pull off.
The first is to simply set up a faux-hotspot with a nearly identical name somewhere in the shop itself. For example, you might think there’s not really any difference between “Starbucks-FreeWiFi” and “Starbucks-FreeWi-Fi”, but that one extra character is all a hacker would need to start collecting personal information on customers by the bucketful.
Another trick hackers like to use is to install a software-based “packet sniffer” on the main network, in order to scrape information from all the traffic that passes through it. In the same way that fooling people into clicking onto a fake WiFi hotspot immediately makes all the devices on that network vulnerable, a Starbucks public WiFi hotspot that’sbeen infected with a packet sniffer will automatically deliver a list of sensitive information to any hacker that’s been hunting for it.
All of this data can be used to steal your identity, run up fake credit cards, and throw your life into tailspin if the hacker who owns your data is in a particularly nasty mood that day.
How Can VPN.com Help?
With a VPN recommended by VPN.com, you can be sure that any information you send from your devices will be protected and secured from attackers who use the tactics mentioned above.
Because a VPN always protects your tunnel of information behind a wall of 256-bit AES encryption, any information that would be transferred over a public Starbucks WiFi hotspot would be jumbled up before it left your device in the first place.
“But couldn’t they just break the encryption?”, you might be asking by now. Lucky for us, some very smart people came up with a nearly uncrackable set of math problems that would take longer than the current age of the universe to figure out, and that’s with 50 supercomputers running in tandem.
By utilizing a VPN on your device, you ensure that any data transmitted during online banking sessions, sending emails, or shopping is walled off by the same level of encryption used at the Department of Defense.
The fact is that even the most scrutinizing public WiFi user could mistake one letter for another in an SSID, and that first connection could be all it takes for your device to remain compromised from then on.
When you decide to take the plunge on a VPN, you’re not only protecting yourself when you connect at Starbucks, but wherever you go in the world. With our 50+ available server locations you can be guaranteed that no matter which WiFi you’re on (or even your cellular network), every bit of data that’s going out or coming it is being cared for by our industry-leading protection policy.
You can sign up for your first month of the VPN.com service of your choosing by checking out our homepage today!