Go to top of page

Staying safe using public Wi-Fi

8 August 2017

What does life even look like without internet? You’re not alone if you hope you never have to find out!

When you’re travelling or can’t use your mobile data, public Wi-Fi can be like finding water in the desert. But be warned, using public Wi-Fi without taking steps to protect yourself could be disastrous.

What’s the risk?

Public Wi-Fi in hotels, airports and even cafes can be a prime spot for phishing. Phishing is when someone attempts to obtain sensitive information such as usernames, passwords, and credit card details (and, indirectly, money), often for malicious reasons. This can be done through seemingly legitimate emails with links to malicious software or through more hidden means. For example, with everyone on the same easily accessible network, it’s very easy for someone to look at what you’re doing and steal your information.

With everyone on the same easily accessible network, it’s very easy for someone to look at what you’re doing and steal your information. Login details, banking details and emails can all be seen by a hacker in plain text. Proof it’s that easy was demonstrated when cyber security experts in the UK taught a 7-year-old how to do it! 

There’s even a well-known hacker group called ‘DarkHotel’ who target luxury hotel Wi-Fi networks to infect users with malware. Security experts believe their aim is to carry out espionage on corporate research and development personnel, CEOs, and other high-ranking corporate officials.

The other risk is the ‘evil-twin’ of public Wi-Fi networks. A network that has a similar name and appears legitimate but exists only to steal your information.

How to stay safe

We recommend avoiding public Wi-Fi wherever possible—the risk is just too great.

However, if you must, following these steps can provide some protection:

  • Make sure your computer has its firewall enabled before connecting to any Wi-Fi network.
  • Make sure all your software is up-to-date and you have a good anti-virus program installed.
  • Use a virtual private network (VPN) to protect your communications. A VPN encrypts all communications between your computer and the remote VPN endpoint. For business purposes, use your employer’s VPN, otherwise consider using a reputable one that offers its services to the general public. Ensure the VPN connection is correctly established before using any applications that communicate over the internet. If you are unable to use a VPN, make sure any applications you use, for example email, or websites you visit are configured to encrypt their communications.
  • Avoid sending sensitive emails, accessing your online banking or using your credit card while connected (and make sure your apps with this information are closed).
  • Use two-factor authentication wherever possible—this way if your password is stolen, the hacker still can’t access your account.

Read more on using public Wi-Fi networks.