Pierluigi Paganini August 22, 2019

Isn’t public Wi-Fi great? If you’re having a tea or coffee in a cafe or restaurant you can check your emails and social media.

If you’re waiting for a flight what better way to pass the time than logging onto your favourite website, checking your bank account or even doing a bit of online shopping? And you don’t have to pay a penny or cent. It’s free and you’re not eating into your data allowance. 

Except there’s a problem. Public Wi-Fi is notoriously insecure. Data that travels over a public hotspot network is rarely encrypted. This means that every time you use public Wi-Fi, anybody who is looking can see everything you are doing. They can see the passwords you use, your email address, your name and physical address, phone numbers and any other type of personal information that you might happen to enter into a website. They can certainly see the websites you are visiting. 

This information is gold dust to cyber criminals. It enables them to access and rake through your emails, target you with specific phishing mails, call you with targeted messages and even capture and exploit your payment card details if you happened to buy something online when using public Wi-Fi.

Hackers capture this unencrypted network traffic by interfering with the public Wi-Fi or by creating an ‘evil twin’ fake network which looks legitimate but has actually been set up by the hacker. Because attackers are typically silently observing the public Wi-Fi traffic these attacks are difficult to spot.

• An attacker could see that a user is accessing a banking site and change the destination account number to a fake website they have set up that emulates the legitimate site.

• Attackers can also redirect users to making a so called ‘important’ download or update, which actually is a Trojan horse for malware that is planted on your device. 

These attacks can also be easily automated. For instance there are automated tools that look for passwords and write them into a file whenever they see one. There are automated attacks that wait for particular requests, such as accessing Amazon.com, designed to scoop up usernames and passwords.

In the name of self defence

These attacks aren’t theoretical. Hotels are a favorite target, especially during the holidays, but so are shopping malls, airports, cafes and different types of transport stations.

So what can you do to protect yourself? The answer is a virtual private network (VPN) which creates a private tunnel between your device and the internet and encrypts your data. It essentially locks down your network traffic so no one can see what you are doing when you use public Wi-Fi. 

BullGuard VPN for instance uses military grade encryption which would take more than a lifetime to crack. When confronted with this level of protection, hackers simply move on. 

Further it also protects you from other types of snooping whether its companies trying to track your movements or even governments spying on their citizens. In short, you reclaim your privacy and can use the internet with total freedom and safety, even on public Wi-Fi.

About the Author: Susan Alexandra is a cybersecurity and privacy enthusiast. She writes for publications like GlobalSign, Tripwire, SecurityAffairs, SecurityToday and CyberDefenseMagazine. She is a small business owner, traveler and investor of cryptocurrencies. Susan’s inbox is open for new ideas and stories, feel free to share story ideas to [email protected]

Pierluigi Paganini

(SecurityAffairs – Wi-Fi, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]