Don’t let anyone fool you – everybody loves it when there’s free Wi-Fi around. Unfortunately, free Wi-Fi also comes with the gift of free hackers. It’s not particularly difficult for someone to download a piece of software called a “packet sniffer” (along with other tools), look up some tutorials online and start harvesting your connection for:
- Email and social media login details
- Bank and credit info
- PayPal account(s)
- Everything in between
This is especially true if you connect to unsecured (i.e. no password) Wi-Fi. Oh, and secure Wi-Fi isn’t much better. Next time you’re at the café, airport, or at a hotel, think twice and follow the advice below before hopping on their network.
Always Use HTTPS Websites
Hypertext Transfer Protocol Secure (HTTPS) is the upgrade to the unsecured HTTP – the protocol which basically “downloads” websites so you can view them on your device. It’s an oversimplification, but that’s what basically happens. In any case, HTTPS also adds encryption to the table, meaning that the data transfers between your device and the secured website/service will be unintelligible to outsiders snooping in on your connection.
You can recognize websites that use HTTPS either because their link is displayed as https://www.example.com or there’s a (usually green) padlock symbol in the address bar. Of course, scammers can buy cheap SSL certificates to lure you into their fake websites with a false sense of security. But as a general rule, you should still stick to HTTPS connections.
Turn Off Wi-Fi Auto-connect
There’s a sneaky way hackers are fooling people into handing their data on a silver platter – and that’s through “evil twin” Wi-Fi hotspots. They essentially create a hotspot that almost perfectly mimics the legitimate network you’d try to connect to. And they don’t need more than a notebook PC either, so you can’t spot some suspicious person carrying hi-tech gadgets around.
It’s difficult to defend against this type of attack, but what you can do is turn off your device’s Wi-Fi auto-connect settings so you don’t accidentally connect to one of these fake networks. Another solution (recommended by the Wi-Fi Alliance) is using a Virtual Private Network (VPN) to connect to public Wi-Fi. More details in the next section.
On a related note: You should also disable Bluetooth/Airdrop discoverability and file-sharing while you’re in public. It prevents anybody from transferring infected files on your phone without your knowledge.
Use Trusted VPN Software
VPN software allows you to reroute and encrypt (obfuscate) all your traffic through a secured “tunnel.” Once you’re connected to a VPN server of your choice (from a multitude of countries), any data you transmit or receive will be unreadable to malicious third parties. This means you can safely log in to email or social media, do some banking and other sensitive operations in peace.
A VPN will protect you from the dangers of an insecure network, even compromised ones like the “evil twin” case. Since all your data is encrypted even before leaving your device, it’s virtually impossible for hackers to snoop around.
Moreover, a VPN will hide your true IP address and make it seem like you’re browsing the web with the VPN server’s IP. A user from Greece could appear to be browsing from Thailand, for example. That’s an extra layer of privacy, as people can find out your approximate location by using your IP.
Watch out for so-called free VPNs, though. Not only are they known to log and sell your data to third parties, but a lot of them contain dangerous malware. Speaking of which, you should look up some decent anti-malware for your device(s).
Install Reputable Anti-malware
The most common way hackers can do damage is by getting you to install malware (malicious software) It’s also incorrectly referred to as a virus, as viruses are just a small part of total malware. In any case, this is commonly done through phishing scams – posing as a trustworthy website or service to get you to click on malicious scripts or download infected files.
Most phishing scams are done through email, but hackers can redirect you to malware-infected or phishing websites if you connect to their fake hotspot. While a VPN can prevent them from seeing what data you transmit to legitimate websites, it’s all for nothing if you type your account and password on their phishing site. Nor can it prevent malware from infecting your mobile device and stealing your data.
Aside from anti-malware, another effective line of defense against outside, malicious data packets comes from firewalls.
Keep a Firewall Active
A firewall scans incoming and outgoing network traffic and looks for signs of malicious behavior based on certain rules in the software. You can also add your own rules about what network traffic should be allowed.
Let’s say you only browse a handful of websites on your phone every single day – social media, email, YouTube, etc. You can set up a rule that only allows traffic according to the domain name of those specific websites (for example www.youtube.com).
You can also use IP addresses or TCP/IP ports for the same effect. For instance, you can set a firewall rule to filter out traffic from TCP port 80, which is used by insecure HTTP websites. You won’t be able to access those sites, but at least your device is safe if you accidentally tap on one.
Use Multi-Factor Authentication
Even if you’re not using public Wi-Fi regularly, it’s still a good idea to set up multi-factor authentication for the websites you visit. Many services now use two-factor authentication with SMS security codes or their own authenticator apps (like Valve’s Steam Guard or Google Authenticator).
You can go one step beyond and use fingerprint or facial recognition scanners as a security measure if you work with particularly sensitive files. (Though perhaps you shouldn’t be using public Wi-Fi in that case.)
Finally, if you really want to avoid all this hassle, just stop using public Wi-Fi.
This article was created in collaboration with ProPrivacy.