The Risks of Public Hotspots: How Free WiFi Can Harm You

Risks of Public WiFi_header
Practically anywhere you go, you’ll come across public WiFi hotspots. However, this free service could spell trouble. We explore the security risks of public hotspots and what to consider before connecting to public WiFi.

Click on image to enlarge
Risks Of Public WiFi

* = Turn on two-factor authentication for your accounts
How to Turn on Two-factor Authentication for Your Email Accounts
How to Turn on Login Approvals on Facebook
How to Turn on Two-step Verification for Your LinkedIn Account

39 thoughts on “The Risks of Public Hotspots: How Free WiFi Can Harm You

  1. Pingback: The Risks of Public Hotspots: How Free WiFi Can Harm You | Remote Computer Expert

      • Have to agree. When going ANYWHERE away from your home network, and you use anyone else’s wifi, make sure you have a VPN that is working and turned on.

        You can get various services for a few bucks a month or $60 to $70 USD a year. Yeah you can probably get “free” VPN, but why would you? Isn’t your identity and security and safety worth a couple of bucks a month?

        Get a VPN. Use it when accessing the internet through any wifi other than your own.

      • That is correct, but it only covers browsing you do through the VPN. Some VPN clients set your system’s IP address to the VPN provided address, but I remember using some that do not, affecting instead only traffic done under the VPN connection.

    • The brief answer is: since the VPN does end to end encryption, all the information is already encrypted by the time it leaves your computer over WiFi. So whether the attacker tries man in the middle or rogue hotspot, he cannot decrypt the data.

      The protection in HTTPS is almost as good, but if the service provider has allowed the NSA to connect an HTTPS proxy, they can still read it.

    • Actually, it won’t….if you have a Windows phone. Windows phones do *NOT* support PPTP or L2TP VPN, which are the most commonly supported VPN technologies available and which *EVERY* network in the world supports…except that Microsoft has seen fit that their phones will *NOT* support the world’s most common network security technique. In fact, Windows mobile devices haven’t supported VPN since 6.5, which was the last Windows Mobile version with VPN capabilities. Sorry folks…no VPN for windows mobile devices!

      • Hey there BowDowntoZod. :-) Just wanted to add to your post that MS is going to add VPN support to Windows Phone 8 in 2014. Here’s some more info: .One more item that some people may not be aware of, if a VPN service only offers PPTP, don’t waste your time or money dude. Simple explanation is PPTP is cracked and basically useless. Look for VPNs offering LT2P/IPsec or OpenVPN. Personally, I prefer LT2P/IPsec over OpenVPN (4 right now) because if you know how to set it up correctly, it can be customized to your device (you do need basic networking skills tho). OpenVPN technology just installs itself but offers equally awesome protection. One last thing, although 128-bit encryption is fine, 256-bit is better. If you find a VPN service offering 512-bit encryption, definitely go for it if it’s not too expensive. :-) Happy Holidays 2 all man.

  2. The best advice is just be careful what you do when you’re connected to a public hotspot. I tend to never do anything that involves the transmission of personal information; online banking, e-commerce transactions for example.

    • Just staying away from things like that might not be enough. Suppose you only use a public WiFi for your email or Facebook and someone gets your password. They might find enough information from those two items to get to your banking and other personal information. Or if you use the same user name and password for your bank, then they can get into your financial records. The best bet for public WiFi is to never go to any site that requires you to pass any personal information.

      • No, rather, while using public WiFi, only go to sites that pass the information in HTTPS when they require you to pass any personal information — including, of course, username/password.

  3. Thanks for the post! Watching what you do when you’re on public wifi is one of the best ways to maintain your security. Just be conscious and don’t venture into risky websites.

    • I supposed Keyloggers should not be a problem as it requires physical access to your pc/notebook devices. But you still risk the danger of sniffers that will sniff the information over the air.

    • Keylogging is an issue with your own personal device and not a network or ISP issue. If you are being attacked by a keylogger, then you have other problems you need to address!
      Your best defense against people eavesdropping on your WiFi communications (both open *AND* secure WiFi) is to use encryption. And the easiest encryption to use is VPN.
      Many routers today have VPN capability. If you’re a DIY kind of person, you may want to look into the amazing capabilities of MonoWall. Once you setup your VPN at home, it’s easy enough to implement VPN on your smartphone or tablet (Unless you have a Windows phone…they still do not support VPN…and from what I hear, they never will) Then setup your VPN to always connect whenever using WiFi…Heck! If you have a fast enough pipe to your home network, I’ld use VPN for *ALL* data, including cellular data! It was just shown at a recent security conference how easy it is to decrypt cellular data….So, it’ you’re really big on security (like me) then you should *ALWAYS* use VPN…think of it like a “network condom”

    • When on public WiFi, you’re faced with the threats we mentioned in the infographic. We recommend to not log in to sensitive websites on unsecured WiFi unless you’re connect to a VPN.

  4. Is HTTPS a completely safe solution when using public wi-fi? Or are there still ways your information could be compromised, even if you strictly use HTTPS to access email, banking, or whatever?

    I’m only concerned with conventional threats here, not Government Spies who see me when I’m sleeping and know when I’m awake.

    • Main thing we suggest is to avoid logging into sensitive accounts over unsecured public WiFi, unless you’re connected to a VPN.

  5. Well, since ZA has been providing a free AV software for more years than I can remember, maybe they would consider making an app for Android users for cell phones. A huge amout of people connect to wi-fi spots using their phones these days.

  6. Does using 3g on my smartphone instead of wifi eliminate these concerns. I don’t do any bank stuff on it anyway. I do read email alot with the 3g and the passwords are automatically sent when I open the email system [ 1 pop and 1 web]. I know this would present a risk if the phone was lost or stolen, since the phone itself is not password protected.

    • Using your 3G on your smartphone is definitely more secure than accessing sensitive information over public WiFi. But this does not mean you should not be vigilant when browsing the Web on your smartphone!

    • The important thing here is to make sure you don not access your email while on public WiFi. You do not want to access anything sensitive over unsecured public WiFi.

  7. Pingback: Contest: Win One Of Five Avast SecureLine VPN Vouchers | Android Dissected

  8. Pingback: Use Public WiFi: Better Check Out Cloak | V3 Kansas City Integrated Marketing and Social Media Agency

  9. Pingback: FraudAvengers

  10. Pingback: User Beware: Read This Before Using Free Public WiFi - Hardcastle Social Media

  11. Pingback: Heading Back to School? Don’t Forget About Your PC Security Basics! | ZoneAlarm Security Blog

  12. Pingback: How to Prevent Hackers from Accessing Your Online Accounts | ZoneAlarm Security Blog

  13. Pingback: Port80 Software Web Security & Performance Blog » Port80 Blog Sochi: A Five-Ring Circus of Web Security Nightmares, or Just Another Day on the Wi-Fi » Port80 Software Web Security & Performance Blog

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>