Things to Be Aware of With Public WiFi
Fake WiFi Access Point (Hotspot)
It is a Wi-Fi Access Point set up by an attacker outside a facility with a free public wireless network. The fake Wi-Fi hotspot picks up signals from legitimate Wi-Fi and transmits identical signals. This is called the Man-in-the-middle attack (MiTM).
Man-in-the-middle attacks allow hackers to insert themselves between the user and the website (service). This allows the hacker to read the user’s emails, see the websites they are visiting, or steal their personal information, e.g. passwords, account information.
Do Not Get Scammed
- Hackers set up rogue hotspots by simply adding the word “Free” to the rogue hotspot. Avoid connecting to anything with the word “Free”.
- Avoid connecting to a brand name, e.g. Linksys or Netgear. The brand names are the default identification for networks using its brand wireless router.
- Look closely at any login screens that pop up when you open your web browser. Are images missing? Are words misspelled? Does the layout look different?
- Try to always use the encrypted version of a website. Make sure the website URL starts with HTTPS vs. HTTP. The website URL that starts with HTTPS is encrypted.
- Many legitimate free WiFi networks require you to agree to their Acceptable Use Policy (aka AUP) to use their WiFi. If missing, this is a potential flag.
- Most trustworthy free WiFi networks now demand a login before you can connect. If the one you are accessing does not, beware.
- You should avoid any public WiFi network that demands credit card details as part of the connection process – this is a classic sign of an online scam.
- Remember, you can ask the manager or an employee which network is the correct one and if it requires a login. They will provide the login.
Always Maintain a Secure Device
- After you have connected to a public WiFi, your device may connect to it again automatically. Either set it to not connect automatically or disable wireless networking when not using it.
- All devices should have up-to-date antivirus software and it is particularly important if you are connecting to public WiFi.
- A personal firewall and spyware detection software is also very important. Always scan for malware after you use public WiFi.
- If you need to use public Wi-Fi for work and your company provides a Virtual Private Network (VPN) access, use it.
Avoid Sensitive Transactions
Do not enter passwords or financial information even if you are connected to a legitimate Wi-Fi hotspot. Someone simply can be looking over your shoulder.