We're all guilty of it. Connecting to public Wi-Fi wherever we are, just to check social media or see if we've got any emails.
The bad news is connecting to public Wi-Fi can be incredibly dangerous and you're at risk of exposing your sensitive information to unscrupulous criminals. In this article I'm going to take a look at the pitfalls and how you can safely secure your Wi-Fi usage.
I've done it, you've done it and everyone you know has probably done it too. If like me and you're in an area with no mobile internet signal or you just want to save on that measly data package then you've no doubt connected to the nearest public Wi-Fi connection.
The Wi-Fi could be in a cafe while you chug down that cappuccino or even an inviting hotspot called “Free Wi-Fi” that you really don't even have a clue where it is from. If you're not in an establishment then just the fact that it doesn't require a password is enough to make many of us connect.
Beware of the danger of public Wi-Fi
In a 2014 study carried out by Purple.ai amongst mainly UK respondents, it found that 72% of those questioned connect to public Wi-Fi when available. UK citizens aren't alone in their eagerness for public Wi-Fi as a similar study in the US from 2013 by the Identity Theft Resource Center found that respondents were 3x more likely to connect to public Wi-Fi if it was free.
The sad fact is, public Wi-Fi is not secure and it's an important fact that many of us aren't aware of.
On your home Wi-Fi connection you should be pretty much aware of the others connected to the network such as your family or even friends. In comparison on public Wi-Fi you don't know the other people who are connected and what their intentions are.
With readily available tools unscrupulous hackers can target any unencrypted data that passes over the public Wi-Fi system. Most worryingly this would include your private emails if you use an email client but can also include anything you enter on unencrypted websites (ie; websites that don't begin with HTTPS).
The issue doesn't stop there either. A freely available add-on for the Firefox web-browser called Firesheep allows anyone without any technical skills to have the possibility of logging into your Facebook account or that of 26 other websites. While a user of Firesheep couldn't change your social media account password it would be highly possible that they could post a status update or send out an email from your account.
How to mitigate against the security threat
In the 2013 study by the Identity Theft Resource Center it also found that 76% of respondents believed that that using free Wi-Fi hotspots could lead to identity theft but although we're obviously a distrusting bunch, 46% weren't aware there was a way to protect against the threat.
Use a Virtual Private Network
A Virtual Private Network or VPN is a virtual Swiss army knife security tool that can not only protect your internet connection when using Public Wi-Fi but also at home and has other uses such as allowing to you access geo-blocked content.
A small piece of software or app offered by providers such as IPVanish and ExpressVPN sits on your computer, laptop, tablet or phone and encrypts all of the data passing between your device and a server provided by the VPN service located elsewhere.
This ensures that any data is fully locked down and anyone on the same public Wi-Fi network can't see or decipher what you're doing over that connection due to the high-level of encryption in use.
A good place to start to get a VPN is one of the providers mentioned above, our VPN Comparison Guide or if you're struggling to understand the terminology our Beginner's Guide to choosing your first VPN.
Use HTTPS Everywhere
HTTPS Everywhere from the Electronics Frontier Foundation (EFF) a site which we're a donor towards and who fight for digital rights online is a free tool for the Chrome, Firefox, and Opera web browsers that forces the secure HTTPS protocol when possible on portions of websites that may otherwise use the standard non-encrypted HTTP protocol.
While this won't mitigate against all types of attack when using public Wi-Fi and is nowhere near a substitute for a fully paid for VPN service it will increase your browsing security in some instances.
Things to remember
- Public Wi-Fi isn't inherently secure so using a VPN is a way to make it secure and regain control over your sensitive information.
- Wi-Fi network names can be created by anyone. Just because a hotspot is called “Official Library Wi-Fi” doesn't mean it is actually run by that organisation and anyone could be behind that network. Double check the hotspot name with the place you're in before connecting.
- Password free Wi-Fi networks can be even riskier because users can connect from outside an establishment without the need to even enter premises to gain the password.