fbpx

5 Ways to stay safe on public Wi-Fi

These days we treat Wi-Fi almost as if its a basic human right. If you have kids, you will know for certain that depriving them of Wi-Fi is quite possibly worse than withholding food!  Heck, maybe even the air they breathe!
My kids used to complain mercilessly about having to visit my grandmother’s house simply because she didn’t have Wi-Fi!

Most establishments believe that Wi-Fi = hospitality, which is why you can barely enter any public bar, restaurant or coffee shop these days without finding that there is free Wi-Fi on offer.
Gone are the days when you needed a subscription to BT OpenZone or some equivalent. Nowadays you’ll get free access in return for your personal details (email, name, address, date of birth) or, possibly worse, linking to your social media profiles!

Beach Cafe

Smaller businesses will simply make their own broadband connections available without any form of registration.

One of the big issues with using public Wi-Fi is that you rarely know who else is using it and what they’re doing on that network.
Could the owner of the access point be logging details of your activity?
Are there unscrupulous types connected to that network, hoovering up all the traffic and attempting to collect your personal details?

Arguably, its just not worth the risk when there are often other options available such as tethering to your phone.

From time to time, it may be necessary to make use of public Wi-Fi, perhaps there’s poor signal and you really must get online.  So how can you stay safe?

1 – Use a VPN

For me, this is probably the biggest one. Using a trusted VPN (Virtual Private Network) connection is one of the most important tips I can offer. A VPN creates your own encrypted, secure connection over the internet, connecting you to the websites and services of your choice via a private, trusted server, owned by your VPN provider.

There are many VPN providers to choose from, you will need to make your own choices about which ones you feel are trustworthy.  To get you started, look at companies such as ProtonVPN, NordVPN, CyberGhost to name but a few.

Once you’re connected to a VPN, any data you send or receive will be routed over that secure connection, regardless of the Wi-Fi network you’re connected to.
If you don’t already subscribe to a VPN Service, look into it now. Especially if you regularly make use of public Wi-Fi hot-spots!

2 – Only connect to HTTPS sites

Sites protected with SSL (which have the https:// prefix, as opposed to the http://) make use of encrypted connections between your web browser and the target web server.

This is important as it ensures that your web browsing and transactions can’t be easily compromised.  It also provides a way of validating the authenticity of the site you’re visiting.

The reason that I use the phrase “can’t easily be compromised” is that there are tools and techniques available that can be used to get in-between your browser and the server you’re communicating with. These are commonly known as “man-in-the-middle-attacks”.

Without getting bogged down in a load of technical detail here, what this means is that a potential attacker lurking on the Wi-Fi network you’re connected to, can attempt to hijack your browsing session and redirect your traffic via their computer.
In doing this they will be able to intercept your personal data and login credentials before they arrive at the intended location.

If you keep vigilant, you can often keep an eye on whether your connection is secure by monitoring your browsers address bar.
As shown in the picture below, the lock symbol and the green status indicates your connection is secured. But it is also important to make sure that the owner of the site seems legitimate.

ssl-cert.png

Within this image you can also see that the owner “HSBC Holdings plc(GB)” is a close match for the website that we’re visiting.

If you go a step further and click on the green text, you will be able to see more information on the owner of the certificate to further verify its authenticity.

ssl_cert_adv.png

If anything doesn’t add up here, step away from the cookie jar and connect to the website some other time from a trusted location.

3 – Never carry out financial transactions

It should stand to reason that if you’re connected to an untrusted network, you should never do anything sensitive or involving your personal finances.

This could include shopping, online banking or making charitable donations.

The implications of having your banking credentials or payment card details intercepted could have dire consequences, if you really need to carry out these kinds of activities whilst out and about, disable Wi-Fi and use your mobile broadband connection instead.

4 – Ensure that your Firewall is active and Antivirus are up to date

Technically this is two steps, but they’re closely enough linked for me that they can be treated as one.  Your firewall on your laptop should always be turned on.  Be it Windows Firewall or MacOS Firewall.

MacOS has historically come with the firewall turned off by default so you should check within System Preferences to see if yours is enabled, if not, turn it on right now!

macos_firewall.png

Having your firewall enabled will block incoming connections to your computer from other devices on the network.  If you’re at home, usually this is less of a problem.
You presumably trust the other computers on your network and your Broadband router will have a firewall enabled blocking connections from the internet.

Once you’re on a public Wi-Fi network, things are different.  Do you know who else is connected or what their intentions are?
Even if there’s only “good people” on the network, can you be sure their devices are not infected with malware which could spread to your computer?

This takes me on to Antivirus (or malware protection), you should always have a good anti-virus product installed and ensure your subscription is up to date.
There are many free options available, such as Sophos Home, but if you can afford it, go for the paid options, the additional level of coverage these will offer is well worth the low cost.

5 – Disable automatic connections

This one is more important for when you leave the premises in many ways.  Our devices, for the sake of convenience, will ask if you want to “remember” the connection for future use.  This can be dangerous as other premises (or rogue networks) could have the same network name (or SSID).

The next time you visit a location with Wi-Fi using the matching name, your device will kindly connect you to that network whether you want it to or not.

It is always safer to tell your computer, phone or tablet not to automatically connect to untrusted networks, this makes sure that you’re always in control of your connection.

Summary

Always be suspicious.  It will serve you well.  If anything looks out of place and seems unusual, disconnect right away.

Leave a Reply

Your email address will not be published. Required fields are marked *