Protect Yourself While Using Public WiFi

Protect Yourself While Using Public WiFi

Imagine getting your bags packed and everyone is ready to go. You have checked your boarding passes again and got them in the front pocket. But what is it that you feel like missing? A VPN. Whenever planning a business trip or vacation, we usually forget the most essential things for the journey.

We must remember that we are going to another country where there might be geo-restriction. It means you might not be able to access your home content. Is this what you want? Or is putting your personal information at risk what you want?

If not, don’t forget to get essential things with you on the trip: a VPN. We know that many apps nowadays, such as Android Pay and Apple Pay, make our transactions easy but insecure. In the recent era, pickpockets are not against your traveler’s check, but these days, it is all about stealing money info from the devices you are using.

This is why it is essential for you always to play the safe side as much as you can. If you aren’t doing it now, start from the next login. Many people ask us the most significant threats we can face using public WiFi. This is why we are here with a detailed review that will prepare you and your family for any threats your way.

What Are The Dangers Of Using Public WiFi?

What Are The Dangers Of Using Public WiFi

It is essential to understand the dangers that come with using public wifi. This is why you can be aware of all the threats and avoid them in the future. Here are some of the dangers that come with using Public WiFi:

Unencrypted Wi-Fi Networks

Nowadays, most public WiFi spots have passwords to keep things safe in a Public WiFi setting. It is like a secret code for access to Public WiFi. If you are on a password-protected Public WiFi network and someone from outside tries to snoop on your connection, they cannot access your data. But connecting to free Public WiFi without a password is like having no lock on your connection door. In this case, people nearby can see and understand anything you do online.

Even if you use a password-protected Public WiFi network, there are still some risks. First, the person who owns the Wi-Fi (Your Internet Service Provider) can still see what you are up to on Public WiFi. So, in this case, you trust them to be good. Secondly, it is still possible for someone to get and understand your web traffic on a password-protected Public Wi-Fi. It all depends on how secure it is.

For example, on Wi-Fi using WEP encryption, all data is scrambled with the unique key you used to get on the Wi-Fi (the Wi-Fi password). Everyone on the Public WiFi can understand what everyone else is doing.

It is more demanding on WPA-PSK or WPA2-PSK networks, which use individual per-session keys for encryption. However, it is not impossible. Those keys come from the pre-shared key (the Wi-Fi password), which is still risky in a Public WiFi environment.

Let’s talk about Windows Wi-Fi settings for a moment. WPA2-PSK networks are safer because they use individual keys for encryption. On WPA-Enterprise or WPA2-Enterprise networks, all the keys for each device’s session are entirely independent.

It means that someone needs help to figure out what others are doing on Public WiFi. In this case, a scammer or hacker would have to create a fake Public WiFi hotspot to try and get to your stuff.

Secure vs. Not-So-Secure Websites

Secure vs. Not-So-Secure Websites

Nowadays, most websites use a protected connection known as HTTPS. It is like a secret code that keeps your information going back and forth between your device and a website safely and soundfully—all thanks to TLS (Transport Layer Security).

HTTPS is a fancier and more encrypted version of the basic internet standard called HTTP. It basically stops most outsiders from snooping on what you are up to on a website and keeps them from getting harmful stuff into your online traffic. If the site you are checking out has HTTPS, you will spot a little padlock in the left corner of your browser’s address bar.

Using HTTPS has made hanging out on public WiFi and the internet, in general, a much safer deal. But, here is the con: it will not guarantee you total safety, especially on public networks. You are still at risk for dangerous attacks like Man-in-the-Middle, phishing, certificate authority hiccups, and any weak spots in SSL/TLS.

One big thing to note: HTTPS won’t protect your DNS queries, the internet’s version of asking directions. Hence, those can still get grabbed and messed with, leading you to another server under someone else’s control. It is wise to team up HTTPS with a VPN for extra security.

HTTPS will keep the WiFi provider from peeking into the pages you visit, but they can still see the names of the websites you are calling through. Huge websites are usually all about that HTTPS life, but keep an eye out for the ones that aren’t. Someone with not-so-great intentions could watch what you are doing or slip some harmful stuff into the not-so-protected (HTTP) web traffic. And yes, the WiFi provider can keep tabs on and log that.

Surprisingly, 5% of people visiting Google skip the HTTPS party because their devices or software are too old school for the modern encryption game. If you are rocking outdated gear, think about an upgrade if you can swing it.

Pro Tip: While HTTPS will tell you that your connection is all locked up, it doesn’t guarantee you are on the website you think you are. Even if you see that little padlock, double-check that you must be redirected to a site with a similar name.

Man in the Middle (MITM) Attacks

Have you ever heard of a Man-in-the-Middle (MitM) attack? It is when a not-so-friendly third party gets in the middle of a chat between two systems and starts causing trouble. Imagine you are on public WiFi and suddenly this troublemaker jumps in between your computer and the web server you are trying to connect to. That is a MitM attack.

Pro Tip: Using public WiFi makes you more vulnerable to these sneak attacks.

On an open network, these troublemakers can mess with essential parts of your internet traffic. They can take the traffic in a different direction, slide some offensive stuff into the data packets, or even put up a fake website or login page.

For instance, Imagine that you think you are logging into your usual site, but the attacker is tricking you into revealing your password or making you think you are on a different, malicious site.

MitM attacks are a cheap, easy, and effective tool for hackers. They don’t need anything fancy but just something like the WiFi Pineapple. It is a portable device that looks like a WiFi router and only costs $120.00.

This $120.00 wonder device lets anyone exploit public networks to snatch up personal data. These gadgets make it a breeze for anyone to set up a fake WiFi access point and launch a Man-in-the-Middle attack. You can also grab one of these gadgets at your local computer store. The WiFi Pineapple can connect with hundreds of devices all at once. Security researchers use it to test public WiFi networks’ security and determine ways to protect them.

But, here is the disadvantage: it is a risky tool in the wrong hands. Hackers can use the WiFi Pineapple to grab sensitive information from unsuspecting people on public WiFi. And guess what? The WiFi Pineapple can also play with SSLstrip. It is software that turns secure HTTPS requests into their less specific HTTP versions.

Modern browsers usually warn you to use HTTPS, which is excellent protection. But here is the twist: it kicks in only on your second visit to the site. So, be aware, especially on those first visits.

Fake Hotspots & Evil Twin Attacks

Have you ever heard of fake hotspots or ‘Evil Twin attacks‘? They are common threats when you are hanging out on public WiFi. These attacks are like digital thieves, aiming to get your unprotected data and get into your device.

Here is how the game goes down: The attacker sets up a trap by pretending to be a public WiFi network with a very innocent name, like ‘Free_Cafe_WiFi.’ They just chill and wait for unsuspecting victims to connect. Some not-so-smart hackers might even use catchy names like ‘FREE INTERNET’ to lure people in.

What is even scarier? Devices like WiFi Pineapples can actively search for signals your phone uses to find and connect to known WiFi networks. Fake hotspots can copy these signals and pretend to be a familiar network. So, anyone with a WiFi Pineapple can trick your phone or laptop into hopping onto a risky WiFi network just by hanging out nearby. To you, you are connecting to a network you have used before.

Falling for a fake WiFi hotspot is a piece of cake for many people. At the 2016 US Republican Convention, over 1200 people connected to unknown accessible WiFi networks because they had catchy names like ‘I Vote Republican! Free Internet.’ It was a test by Avast to highlight the risks of public WiFi, and a whopping 68% of users at the convention gave their information when they connected.

Pro Tip: Always be cautious about auto-connecting to a network, especially if it has a name or location that raises eyebrows.

Tricky DNS Spoofing

Tricky DNS Spoofing

Have you ever heard of DNS Spoofing? It is like a clever internet trick, which is especially common on unprotected public WiFi.

Here is how they do that: When you visit a website, your device sends a message called a DNS query. It is like asking a phone book (DNS nameserver) for the correct number (IP address) to reach the website you want (like example.com).

Now, imagine someone messing with that phone book entry. That is what we call DNS Spoofing. It is like changing the number for ‘example.com’ in the directory. So, if a hacker tweaks it, anyone trying to visit that site gets sent to a different number picked by the hacker.

How does the trick work? Attackers will send your internet traffic to fake servers. This lets them send you to fake sites that look almost identical to the real ones. And these fake sites? They are out to trick you into sharing sensitive info, like your username and password.

Why do these hackers love public WiFi? These WiFi spots are often run by small businesses that need to secure their routers entirely. They might forget to change the default password and haven’t given their router an update in ages.

This will open the door to hackers dropping sneaky software on these not-so-secure routers. Then, the software will send all your DNS queries to the hacker’s tricky server. Before you know it, your internet traffic meant for real sites is taking detours to crafty and deceitful websites.

Pro tip: Stay alert, especially on public WiFi, and monitor your internet surroundings.

Watch Out for Session Hijacking

Have you ever heard of session hijacking? It is another pro type of Man-in-the-Middle attack, but the good news is it is less of a threat now, thanks to HTTPS. So, here is the deal: Session hijacking is like a hacker who is grabbing the main points of your online accounts.

When we researched, we learned that sessions are temporary connections between your device and a web server. It is like a handshake, ensuring both sides know who they are. So, when you log onto a website, you get a session cookie. It is a file that will note your interactions with the server. As you move around the site, the server will ask your device to prove it is still you by showing this cookie.

Now, let’s know about session hijacking. It is like a copycat move. Hackers will steal these cookies to pretend they are your device and snatch your online identity.

The most prized cookies are sent when you log into super-secure sites, like shopping or banking spots. So, on an unguarded network, attackers can use special tools called ‘session sniffers’ to spot and grab your session cookies.

Here is the con: Session sniffing tools are surprisingly easy to get, even though using them is against the law for spying and peeking at data. Stay safe out there.

How Hackers Use Public WiFi?

How Hackers Use Public WiFi

You might be thinking about the best tactic to beat a tracker. Well, the best tactic is to be one step ahead of a hacker. How can we do that? You can do it by understanding how scammers or identity thieves are trying to take advantage of unsecured Wifi users. 

Fake Hotspots

Have you ever lured a kid with an ice cream or candy? You see how they fall into your trap of yours easily. Hackers will try the same technique with you. They will offer you a promise of a free, easy, and open WiFi network. What will they do after that? If you fall into the trap, they are in control and can see everything you do online. 

File Sharing

Do you know you can get malicious software or other harmful viruses on your system using a file-sharing network or Airdrop? Hackers use this strategy to access your device to lay hands on your personal information. 

System Upgrade Alerts

Did you know that a system upgrade is a necessity for your program that keeps you safer? But you should be aware of it as it can be a hacker acting like a wolf in sheep’s clothing.

It means that whenever you click on the alere on public WiFi, you can end up with a virus instead of an upgrade. So, why take that risky part?

Sneaky Watchers

To explain, if you share the same internet connection as a hacker, they can see everything you do online. They can know what websites you are checking, they can have access to your passwords, or they can steal your personal information.

Because with that information, they might take money from the bank or create fake accounts using your name. They can also use your data for illegal activities. 

How Can We Protect Ourself While Using Public WiFi?

How Can We Protect Ourself While Using Public WiFi

We know that we are supposed to use public Wifi in some emergencies. And if a moment like that comes, then use these steps to make sure you are not falling into the wrong hands:

Check if the network is real

Imagine you are at an airport and see a Wi-Fi option named ‘Free Airport Wi-Fi.’ So, it sounds trustworthy. Airports are places where people often wait. Connecting your phone or laptop to the internet without using your data makes sense. Right?

But how can you be sure it is the airport’s actual Wi-Fi? It could also be a trap set up by a scammer hoping to catch people off guard. After all, hundreds of thousands of people pass through airports daily. If even a tiny number connects to a fake Wi-Fi, the scammer could get much data.

This could be pulled off by using simple and off-the-shelf devices. With the right tools, the person behind the fake network can see the information entered, risking data theft. Confirming the network’s legitimacy is very important in such situations.

It might be tricky when faced with a long list of Wi-Fi options, but most airports display signs with the official name of their free Wi-Fi. Make sure to connect to that exact network name. The same goes for other public places or offices; they usually show the correct network name. So, you need to pay close attention before you click to join.

Avoid Sharing Sensitive Information

There are lots of public WiFi networks that ask for your details before letting you use them. They might want your email or even your phone number. If you don’t wish the Wi-Fi provider to keep or use your data for ads, consider using a secondary email.

Some networks might need you to create a password for their Wi-Fi. If so, try not to use the same password you use elsewhere, especially if it is linked to your email. This way, if passwords somehow get out, they can’t be used to access your other accounts tied to your email.

You should watch what you share on public WiFi and avoid using sensitive information, like usernames, passwords, or bank details. Public WiFi means someone else could see your activity, especially if the website isn’t secured with HTTPS. But even if a site has https, it doesn’t automatically mean it is super secure, so you must be cautious about what you enter.

Disconnect From Networks You Are Not Using

If you are constantly moving, you might connect to the same networks in different places, like the airport on both ends of your journey or a coffee shop chain with spots all over.

Your device might automatically reconnect once you have connected to a network or provider before then. It is easy to miss, and you might assume the network is safe, but things can change.

To stay safe, make your device forget its connected networks. Or, at least, don’t let it reconnect automatically. You can manually reconnect later, but only when you are sure that it is safe to do so.

Use A VPN

Staying safe online is a big deal, especially when using public Wi-Fi. Even if you are sure the Wi-Fi is okay, you can take an extra step to protect your information. It is called a Virtual Private Network or VPN.

Here is the deal with VPNs: they do two important things. First, they scramble your data, so it is hard for anyone on the network to snoop on what you are doing. This is super handy because public WiFi usually needs to be more secure.

Second, VPNs can hide where you are. They act like a disguise for your internet address. This is cool for people who want to keep their online business private.

If you travel a lot or often use public WiFi, then having a VPN is like having a superhero cape for your online safety. Many companies offer VPNs, which are relatively easy to set up. You just log in and run it like any other app.

Now, you might be thinking about free VPNs. Well, be careful. Some ask for more permissions than they need or only partially hide your info. Generally, the ones you pay for are more trustworthy, but there are some decent free options from good companies. You can try using NordVPN.

Use Hotspot Instead Of Public WiFi

Concerning online safety, connecting to public WiFi has risks, even with precautions. But there is another option: using your smartphone’s mobile data.

Did you know using your phone’s data is safer than public WiFi? If you need your laptop online, you can turn your phone into a hotspot and connect through it. This is becoming more popular, especially with 5G smartphones faster than crowded public WiFi.

If you go for the hotspot, ensure it is protected with a strong password so nobody else can jump on it. Here is a thought: do you need to connect all the time? Not every visit to a coffee shop or airport has to be about getting online.

Sometimes, enjoying a coffee or a good book might be a better way to spend a few minutes than rushing to check emails on a random Wi-Fi connection.

What Are The Signs That We Might Be Connected To An Unsafe Network?

What Are The Signs That We Might Be Connected To An Unsafe Network

Not all Wi-Fi spots out there are friendly. Some people who are not lovely might create fake hotspots to mess with you. To avoid falling into their trap, you need to keep an eye out for these signs of a tricky Wi-Fi:

Familiar Names

If a network seems too much like one you trust, be cautious. Hackers might use a familiar name, like pretending to be your “home network” when you are not home.

HTTP Trouble

When visiting a secure website, ensure the address starts with “HTTPS,” not just “HTTP.” If it is the latter, you might be on a tricky Wi-Fi where someone’s trying to grab your information.

Simple Names

You should be suspicious of networks with essential names like “Free Wi-Fi” in busy places. Real public networks, like those in coffee shops, usually have names tied to their business.

Conclusion

We hope we have provided all the information to protect you from public network threats. Now that you are a pro at staying safe on public WiFi, knowing the risks and how to play it smart, you are set for better internet safety wherever you go.

Also, remember to check if your home Wi-Fi is locked up tight for extra safety. We hope you got everything you needed. If you still have any questions to ask, then feel free.

Customer Reviews for NordVPN: In-Depth Review, Tests, and Stats

IR Irina

Protect Yourself While Using Public WiFi
Verified
Connection issues with MLB.TV
So I had some connection issues on my iOS device (iPad) with MLB.TV streaming, and representative named Garfield SOLVED my unique problem that I had spent hours researching and tackling with no luck before today! Garfield was extremely patient, personable, and very knowledgeable. Through multiple approaches and problem-solving steps, he created a solutuon that worked. Way to go, and definitely a returning NordVPN customer here. Thank you, Garfield.
Date of Experience:
May, 2 2023
CH Christina

Protect Yourself While Using Public WiFi
Verified
Prompt customer service
My subscription automatically renewed and a payment was taken, which I didn’t want as I haven’t been using the service. I contacted the company and received a prompt and efficient response where my subscription was reversed and the payment was returned. If only every company was so easy to contact and communicate with!
Date of Experience:
May, 6 2023
MW Michael White

Protect Yourself While Using Public WiFi
Verified
I would highly recommend
Excellent service and easy to use to protect your privacy. I have NVPN on my laptop, iPhone and fire stick, great value for money.
Date of Experience:
December, 15 2023
Copy link