14 Things You Should Never Do When Using Public Wi-Fi
Technology is amazing and we've all grown used to being able to connect with the rest of the world at just the touch of our fingertips. But what are the dangers of all that connectivity? And are you taking the precautions you should?
Let's start with the basics—connecting at all. "It's a huge security risk to connect to and use an open Wi-Fi network," says Weiging Sun, PhD, cybersecurity expert and associate professor of computer science and engineering technology at The University of Toledo College of Engineering. "What's worse is that the users are not aware when the public Wi-Fi network is already connected and being used."
That's because most phones connect automatically. But that opens you up to hackers and scammers everywhere you go. Instead, Sun says users should check their device settings and disable automatic connections. Learn the clear signs you're about to be hacked to better arm yourself.
Connecting without caution
So you've disabled your automatic connections, but you still need to occasional public Wi-Fi access. Be careful about which networks you choose to connect to. "Attackers can set up phony Wi-Fi hotspots to lure users to connect to and use them, and then steal data passing through the network, which is under their control," Sun says. He explains an attacker may set up a Wi-Fi network named Starbucks-guest-wifi-1, for instance, knowing users will assume it's safe. "We should always use caution and verify the trustworthiness before using a public Wi-Fi network."
Playing with money
Don't perform financial or other sensitive transactions, including banking or filing taxes on public Wi-Fi networks, says Alan Brill, a senior managing director with Kroll's Cyber Risk practice. "An attacker may capture your online bank's credentials or credit card information."
He says "the two biggest threats to using public Wi-Fi are hackers who are able to set up 'man-in-the-middle' attacks and intercept all your activity on that network, combined with the inherent lack of privacy posed by unsecured connections."
Sharing your passwords
Wi-Fi users should "avoid using any site that requires you to log in with your username or password. You risk exposing those log-in credentials to strangers," reminds Brian Lapidus, practice leader in Kroll's Identity Theft and Breach Notification practice. You might think you're safe on sites that encrypt your password, but Lapidus explains that "hackers on public Wi-Fi can 'listen in' and capture credentials before they're encrypted."
Look, we all love a good deal—but maybe wait until you're home to take advantage of any you find online. Business growth strategist Lance Thompson says, "When you check out and pay for your purchases, your confidential information, including your contact info, credit card info, and user names and passwords are all sent over the Internet." He explains that even on secure websites, "a hacker could have installed keylogging software in the Wi-Fi network that will capture your private data and then use that data for identity theft or to make purchases using your credit card." But this isn't the only online shopping mistake you need to stop making now.
Working from anywhere
One of the beautiful things about all this connectivity is being able to deal with just about any work crisis within seconds, no matter where you are. But not so fast…."Avoid connecting to work services like business email, customer relationship management tools, and accounting software," Brill explains. "An attacker armed with such credentials can cause millions of dollars of damage to you or your company."
Checking your own email
We've already covered staying away from work email, but you probably have some things you'd like to keep private in your personal email as well. Technology expert Burton Kelso of Integral Computer Consultants says criminals have the ability to snoop in on your keystrokes when you're using public Wi-Fi, which means they can gain access to your web-based email accounts if you log in while they're watching. "Most people use their email as a personal filing cabinet with tons of information that can be exploited against you," he explains. Wherever you send your emails, you'll want to avoid these annoying email habits.
Anything without an HTTPS
This may seem like a no-brainer, but you'd be surprised how many people browse without paying attention to the web addresses they're on. Lapidus says you need to, though. "Avoid unencrypted websites," he explains. "Use only those that use HTTPS." Without that, everything you do can be transmitted in plain text.
The good news is your phone will probably try to warn you if you drift into a site you shouldn't. "Most modern browsers identify HTTPS-protected websites with a lock icon in the address bar. That's your indication that the site is using encryption to protect your communication." These are the computer security warnings you should never ignore.
Setting yourself up for embarrassment
Look, what you do on your personal web-browsing time is your business, unless that is, you do it on a public network. Then you should always assume someone else may be looking over your shoulder. For this reason, Brill says you should stay away from browsing anything you might be embarrassed about if discovered. "Do not visit private or 'sensitive' sites or watch 'embarrassing' videos," he advises. "Remember that not only may your activity be intercepted, but the Wi-Fi provider may keep records of the sites you visit."
Don't do it. Don't even think about doing it. "Turn off automatic file sharing on your laptop," says Lapidus. "Your phone or computer shouldn't be visible to others to link to and transfer files. You might like to think of yourself as being popular, but if someone transfers a malware-infected file you'll just be a popular victim." You should also be aware of the 12 signs your computer has a virus.