5 Ways You Can Be Hacked Through Public Wi-Fi
You know that feeling of pure joy when you stumble upon free Wi-Fi? It can feel like a total lifesaver in certain situations... but here's the thing, cybercriminals are also head over heels for free Wi-Fi. Of course, their reasons are a bit more nefarious than yours.
You see, when you connect to a free Wi-Fi network in a public place, it's like rolling out the red carpet for hackers to waltz right into your private data. What you might see as a convenient link to the online world, hackers view as a golden opportunity to get their grubby mitts on your sensitive information.
But don't start sweating just yet! There are ways to make yourself less of a target, which we'll dive into in more detail shortly. But first, let's take a closer look at the world of public Wi-Fi and how hackers try to exploit it to steal your precious details.
What Is Public Wi-Fi?
A public Wi-Fi hotspot is precisely as it sounds. It’s a way to connect to the Internet for free, usually made available in public places, like coffee shops, airports, libraries, and hotels. It’s a pretty practical benefit that people can take advantage of when they need to connect, especially those who work from home or travel frequently.
Problematically, public Wi-Fi has become a dangerous online environment.
Here are 5 ways that hackers steal your information – perhaps even your whole identity.
1. Man-in-the-Middle Attacks (MitM)
An MitM attack is perhaps the most common of the cyberattacks associated with public Wi-Fi. In its simplest form, it’s where an attacker intercepts and modifies communication between two parties. What this means that when you join a public Wi-Fi connection, which offers little to no protection for users, a hacker can monitor your usage and intercept all the data that you enter – like your login details for social media, health insurance app, or even your bank’s website.
2. Fake Hotspots
You’re sitting in your favourite restaurant, Bingo Wings, cruising on your device when a hotspot named BingoWings123Free pops up. No harm in connecting for free so you can scroll your socials or login to your banking app to check fund before you order, but in doing so, you could be handing over all your private information.
There are a bunch of different names for this method, like ‘evil twin hotspot’ or ‘rogue hotspot,’ but our favourite is the ‘honeypot’ because hackers lure people in with free Wi-Fi, like bees to a flower. Once you’ve connected with the unsecure network, the hacker can intercept your data and steal your account names and passwords. They could also redirect you to illegitimate sites, such as phishing sites or malware, and can see the contents of any files that you download or upload.
3. Eavesdropping Attack
Also referred to as ‘sniffing’ or ‘snooping,’ this kind of cyberattack also involves taking advantage of people using an unsecure network – usually through connecting to a public Wi-Fi hotspot. The hacker downloads data packets through this network, stealing information that’s being sent or received by the user.
Hackers then sniff around in their own time to gain sensitive financial and business information that they can sell for criminal purposes.
4. Sidejacking
Sidejacking, or ‘session hijacking,’ involves a hacker gaining unauthorised access to a website by using public Wi-Fi networks. Simply, your login information is sent over an encrypted network and verified using the website's account information. This then responds by sending cookies to your device, which isn’t always encrypted. As a result, a hacker can take over your session and gain access to any private accounts you're logged into.
5. Shoulder-Surfing
This isn’t exactly hi-tech, but it’s effective. All that’s required is for the criminal to hang about and peek as you enter your login details – particularly on private or sensitive sites, like your banking app or online shopping websites. It’s a primitive scam and a decent hacker doesn’t need all the exact letters and names. Just watching what you type can give them something to work with.
Stay Safe!
The main thing to keep in mind about using public Wi-Fi is that other parties can (and often very likely do) monitor any traffic you send or receive. This includes every personal email, login and password, or funds transferred from your bank account.
So, what are you supposed to do? Look a gift horse in the mouth? Well, if that horse is actually a donkey then yes! But we hear what you’re saying and have put together a number of tips to help you stay safe if you have to use public Wi-Fi.
These safety measures include:
Use a VPN – This will encrypt your data and keep it private online, and fortunately VPNs are easy to find and use.
Check the “s” – Look closely at the URL of the site you’re visiting and if there’s no little lock icon in the tab and no “s” in https (which stands for secure), then it’s not secure.
Strong Passwords – Create long, unique passwords for each account and don’t recycle passwords, so that even if you’re using an unsecure network, hackers can’t access your accounts.
Enable 2FA – This extra security measure for access relies on two pieces of identification before granting access to sensitive accounts and data, like your Google Drive or banking app.
Be Vigilant – Know who’s around you and if you feel like there might be eyes following your every tap on your screen, don’t go on anything private.
Stay Protected
With this info under your belt, you should have a better idea of the risks involved in using unprotected Wi-Fi, as well as some handy tips to keep yourself safe from any potential attacks. This way, you can confidently grab your laptop or mobile device, head down to your favourite local coffee shop, and surf the web or tackle your work without worrying about digital bad guys trying to steal your data.
Written by Francis West - Board Director for the Eastern Fraud Forum