If I was not vigilant, and by coincidence was testing a new phone so the Wi-Fi list was empty, I may not have noticed and my use would be exposed to hackers.
First, was in a Westfield Shopping Centre where “Westfield Level 5 Guest” popped up. Suffice to say that is not the correct SSID (Service Set Identifier) for Westfield and judging by the signal strength was probably a nearby smartphone being used as a hotspot.
Next was at a hotel on the central coast I was staying at. Again, the hotel name and the word guest were well up the list but I knew that this was wrong as it was unsecured — no lock symbol — and I had been given a password.
These are not isolated incidents – in my recent travels in the US, New Zealand and inter/intrastate, I have found numerous instances of free, unsecured Wi-Fi that was potentially risky.
I mentioned that I was using a review phone and it alerted me to new SSIDs it encountered instead of blindly logging on – a convenient feature of most smartphones if they have encountered the SSID before. My day use phone is protected by Norton for Android that constantly reminds me of the dangers of free Wi-Fi and I use a VPN for added protection.
As this is a growing threat I asked NordVPN to provide some generic background on the issue. To be fair there are several reputable VPN companies as well as Norton (that provided the graphic at the end) and other security companies all of which will give similar advice – make sure you know the SSID, don’t use unsecured SSID, and all categorically state use a VPN.
NordVPN pointed to a study by Private Wi-Fi that although dated, stated that 79% of users don’t use a VPN with free Wi-Fi and indulge in risky business. And over 50% connect to free Wi-Fi at least weekly and 46% were blissfully ignorant of the risks of free Wi-Fi.
Kent Lawson, founder, and chief executive of Private Wi-Fi, said it all, “Every day we read about public areas like parks, train stations, and schools adding free public Wi-Fi, but we are not hearing about what this means for individuals using these services, the hazards that prowl, or how to protect ourselves. The public needs to know just how easy it is for hackers to hack into these public airwaves and steal your private information right out of thin air.”
NordVPN has identified three common ways that a hacker can take advantage of an unsecured or spoofed Wi-Fi hotspot.
Honeypot Wi-Fi. The most common threat is still a hacker positioning himself as a Wi-Fi hotspot - the so-called honeypot Wi-Fi. When that happens, a Wi-Fi user will be sending their information to a hacker instead to a legitimate Wi-Fi spot - and that could include credit card information, private emails, and any other sensitive information. This technique is very easy for hackers, as Wi-Fi spots rarely require authentication to establish a connection.
Wireless sniffers. Hackers can use sniffers, software, and hardware designed to intercept and decode data when transmitted over a wireless network. It is very easy to monitor and decode another person’s private data.
Shoulder surfing. Although not a tech-based threat there can be data thieves lurking around, who will watch over a shoulder to memorize passwords or credit card information that one enters into their device. Just as it’s important to be careful when entering a PIN number into an ATM machine, it’s important to make sure no one is looking over a shoulder when going online at a public Wi-Fi spot.
Simple rules to help make free Wi-Fi safe
Use a VPN. The best and most effective way for any traveller to protect their data is to use a VPN (Virtual Private Network). A VPN service encrypts all the traffic flow between the Internet and a device hiding user’s IP address and making it impossible for a hacker to see the plain text.
Disallow automatic wireless network connection. Make sure automatic wireless connection are not turned on, and Wi-Fi is turned off when it’s not being used – this will prevent hackers from automatically connecting to your device.
Sharing settings should NOT be set to Public. To prevent anyone from finding and accessing one’s device, it’s important to make sure System’s Settings are not set to Public sharing.
Be vigilant. It’s always important to know who’s around to avoid shoulder surfing or any other suspicious activities.
Don’t practice risky behaviour.
NordVPN also suggested using a firewall. Take care; there are more than 250 “firewalls” on Google Play and most require Android rooting – avoid these.