Do you access your various financial or social media accounts, or other private accounts such as e-mails with your doctor, at public computer stations? At the coffee house or hotel, for instance? Boy, are you ever setting yourself up for cybercrime including identity theft.
What usually happens is that the criminals establish Wi-Fi hotspots that trick people into thinking they are legitimate public Wi-Fi locations—people take the bait and log on. The crooks can then watch your communications through their Wi-Fi access points, and steal your personal information like passwords and credit card numbers.
A computerweekly.com report warns that anything you send via a public Wi-Fi may potentially fall into the hands of fraudsters.
One of the scams is that a criminal will get in the middle of a transaction between a user and a website, then intercept in tricky ways to steal the user’s data.
A Few Experiments
- The security firm, First Base Technologies, did an experiment in November 2013. The public participants had no idea that thieves could set up rogue wireless points of access that fake out users as being valid connection points.
- The participants were also shocked to learn that their exchanged information was not encrypted.
- FBT did another experiment using its private wireless network and numerous mobile applications. FBT was easily able to use the apps to invade other smartphones on the same network.
- One of these apps was a setup to get the participants to use the “attacking” smartphone as their portal to the Internet. This meant that the attacking device siphoned all the traffic and was able, in many instances, to remove encryption from supposedly secure connections.
This weakness in knowledge in the user, and in the security of public Wi-Fi, needs to be addressed by—obviously—the user and the providers of public Wi-Fis, plus business organizations that rely on public Wi-Fis.
Another survey in the same article found that 34 percent of PC users said that they do not take special precautions to safeguard their online interactions when using public Wi-Fi. Just 13 percent do take the time to inspect encryption prior to making a connection to a particular point.
So how can you protect yourself when using public Wi-Fi?
- If you must absolutely use public Wi-Fi for activities involving highly sensitive information, make sure that the Wi-Fi network is secure and trusted.
- Before you get onto any website, check the URL field to make sure that there is an “https” (not “http”) AND a padlock icon; these indicate the site is secure. Also check the security certificate.
- Make sure that every device that you own has full protection such as antivirus and a firewal.
- Use a reputable virtual private network such as Hotspot Shield to secure your device for public Wi-Fi use.
Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.