Home > The Risks of Using Someone Else’s Wi-Fi

The Risks of Using Someone Else’s Wi-Fi

The internet has made doing many things much easier. It provides instant gratification for shopping for that perfect outfit or new gadget, and banking and bill payment services are just a click away. But the internet also has made it much easier for cybercriminals to get your personal information.

The dangers of using a public or unsecure Wi-Fi connection

When you connect to an unfamiliar Wi-Fi network, including a public Wi-Fi network at your favorite coffee shop, restaurant or store, you’re opening the door for hackers and cybercriminals to steal your personal and confidential information. They can impersonate you, steal your money, or even sell your information on the cyber black market to a host of people who could do the same. How can they do this?

In a July 2014 article in Forbes, Vice President of Check Point Software Technologies Bari Abdul highlights common ways a hacker can get into your computer when you’re using a public Wi-Fi or someone’s unprotected Wi-Fi network.

Scenario No. 1: Rogue/evil twin Wi-Fi

“A hacker creates a hotspot named Hotel Wi-Fi in a hotel lobby using a USB antenna and laptop. You connect to it and log in to your email or other account,” says Abdul. “When [you] log in, hackers ‘listen’ for your passwords and other sensitive information. They can also use these networks to get you to download malware.” You’re none the wiser, because most hotels offer free Wi-Fi to their guests, and why would something so official-looking be fake?

Scenario No. 2: Man-in-the-middle attacks

Man-in-the-middle attacks happen when a hacker intercepts communication between two computers while one is connected to an unsecure network, like public Wi-Fi.

“A common man-in-the-middle attack is when a third party or ‘middle person’ eavesdrops as you exchange bank account or credit card information. Traveling and forgot to set up a payment? Be aware that online shopping interactions or other financial transactions are highly susceptible to man-in-the-middle attacks,” reports Abdul.

Other common ways you could unknowingly allow a hacker access to your devices include using smartphones that automatically connect to any available Wi-Fi (including rogue Wi-Fi networks posing as legitimate ones) and even maintaining a home or office network that’s not up-to-date in its firewall and security software. A hacker will wait until you use the device on an unprotected connection and then eavesdrop on everything you type, looking for passwords and sensitive banking or credit card information.

Tips to protect you from becoming a victim of cybercrime

Kaspersky Labs, a renowned global cybersecurity company with a North American base in Massachusetts, shares tips on its website about how to protect yourself while banking or shopping online with an unfamiliar Wi-Fi connection.

1. Treat every unknown Wi-Fi connection with suspicion. If you’re in a retail store, talk with an employee before connecting to verify its safety.
2. Use your smartphone as a hotspot instead of connecting to any Wi-Fi networks, and turn off the capability in your device’s settings to automatically connect to available Wi-Fi without permission.
3. Because links are often infected with Trojans or other malware viruses, always type in the full URL to the online bank or store instead of clicking a link.
4. Beware of fake messages from your bank asking for personal information. A legitimate financial institution will not ask you to send sensitive information via email or a pop-up window; nor will it ask you to visit its site for authorization.
5. “When you’re visiting a web page that needs you to enter confidential data, carefully check that the address of the page that’s shown on the browser corresponds with the page that you were intending to access,” says Kaspersky Labs. “If the URL is made up of a random selection of letters and numbers — or it looks suspicious — do not input any information.”
6. Before entering any sensitive information, check that the URL in your browser has a padlock icon and starts with “https” — not “http” — to make sure the connection’s encrypted.

Used with permission by First Federal Bank