It’s a common scenario. You’re sitting in a coffee shop, restaurant, or waiting at the airport, and there it is beckoning to you like a siren luring sailors: public Wi-Fi. It’s free, easy to access and oh-so convenient, but should you and what are the potential pitfalls of diving headfirst into unsecured digital waters? Find out how a VPN like Avira Phantom VPN helps keep you safer on public networks for greater online freedom and security. It’s a win win.
What makes public Wi-Fi risky?
Wi-Fi (or wireless internet networks) allow users to connect to the web without having to physically tether their mobile device to ethernet ports. There’s been an explosion of public Wi-Fi in recent years, and it seems you’re never far from a public network! It’s especially tempting if your usual network is out of reach, you’re travelling and don’t want to run up huge mobile data charges—or you simply “must” access your social media right now to share a picture of that caramel hazelnut latte. A multitude of working professionals also rely on it to connect and collaborate as they move about. Yet it’s precisely the features that make free Wi-Fi so desirable to users that ensure it’s equally attractive to hackers. It requires no authentication to establish an internet connection, granting cybercriminals and snoops free access to unsecure devices on that network. They can then eavesdrop on your communications and online activities, and even harvest the information you send. Imagine this typical scenario at an airport, for example: At any given moment thousands upon thousands of passengers are using airport Wi-Fi to access flight information, and even enter sensitive data such as a passport number.
Some public networks require a password—but don’t let this lure you into a false sense of security! If everyone there has access to it, that password is hardly an effective gatekeeper. It would be like locking your front door but distributing multiple copies of your key. Also, Wi-Fi encryption standards tend to be flawed. It’s hacker heaven! Research into public Wi-Fi hotspots worldwide by Statista suggests that despite the problems, public opinion is split about the safety of public Wi-Fi networks: 61 percent of people feel safe on public Wi-Fi, while 39 percent state that they feel unsafe. Yet in a recent study by Forbes on the risks of public Wi-Fi, 40% of respondents had their information compromised while using public Wi-Fi and the majority had their information accessed while using airport or restaurant Wi-Fi. Yet what exactly are the risks? Read on to explore them—knowledge is power, after all.
What are the common threats of public Wi-Fi?
Hackers and other cybercriminals are relentless and becoming increasingly creative. They usually combine their technical know-how with free tools to sneak into unsecured networks. If they nab your sensitive information, they could steal your identity and impersonate you online—by making purchases in your name or even applying for a credit card. Here’s what can happen when you use unsecured networks:
Man-in-the-Middle (MITM) attacks occur when a malicious third party intercepts your communication. They can then present you with fake websites, intercept your passwords, and access your data files. As data is unencrypted on public Wi-Fi, users are particularly vulnerable to MITM attacks.
Password cracking is what happens when scammers use software that automatically tries a huge number of usernames and passwords to unlock a router’s management interface. Remember to help secure all your online accounts with unique, strong passwords, and help safely store and manage them with a password manager (like the one you’ll receive with Avira Free Security).
Packet sniffers are applications that read data as it moves across a network. Using freely available packet-sniffing software, hackers can intercept these streams (or packets) of data, download them, and save them for later analysis. Then they’ll take the time to scan your data for passwords, personal data, and banking details. Beware—even if you just logged in to a hotspot for a few minutes, your data can still be captured!
Session hijacking, sometimes called sidejacking, exploits a vulnerability with cookies (the small data files saved by your browser on your device). Cookies save time by storing, for example, your username and password so you don’t have to enter these credentials every time you visit a website. By hijacking your browser session over a public Wi-Fi network, hackers can capture this data and log in to your online accounts. They can also use the cookies to trawl for other sensitive information, such as your home address and full name.
Evil twin attacks refer to malicious hotspots that are set up to look like legitimate Wi-Fi networks. When you’re tricked into logging on, hackers are waiting to steal your personal information. Evil twins can be tricky to distinguish from the real thing as they usually have similar-sounding names such as “Coffee Shop Wi-Fi”. Pay careful attention to the exact spelling of network names!
Does a VPN help protect you on public Wi-Fi?
If you were to Google “public Wi-Fi security solutions” you’d find that practically every article recommends using a VPN (virtual private network). And with good reason. Enhancing public Wi-Fi with a secure VPN connection can help thwart the attacks mentioned above.
When you use a VPN, your device connects to the VPN provider’s servers and all your internet traffic passes through this connection. Using secure internet protocols such as IPsec, the VPN creates a private tunnel that helps shield your data and online activities from third parties and even your Internet Service Provider (ISP). Plus, when you use a virtual private network all your communications are encrypted, so they can’t be read even if they are intercepted.
A VPN helps protect your financial information, passwords, and other private files from hackers and snoopers. It’s also important to understand that there are some things a VPN can’t do—like block viruses and other malware (you’ll need trusted anti-virus protection for that), and it can’t prevent browser fingerprinting. When you visit a website, the site can still gather information about your browser.
FAQ: Using a VPN on public Wi-Fi
Q: Can public Wi-Fi see your history if you’re using a VPN?
A: Yes, like your ISP, Wi-Fi providers can potentially see what you search for, what sites you visit, and how long you stayed there, even if you’re in incognito mode. Some network owners might even sell your data. Today’s Wi-Fi routers tend to have the capability to log user information—and if you land on a website that has no TLS/SSL encryption, routers will also “know” the exact pages you read and the information you entered. On mobile devices you’re truly an open book and they’ll even tell tales about which apps you used and for how long.
Q: Can Wi-Fi block a VPN?
A: Many public Wi-Fi hotspots aren’t sophisticated enough to block VPNs, but you may not be so lucky with an internet service provider. Some ISPs use an IP lookup tool to find the IP address associated with a VPN provider, and then block that IP address with a firewall. Luckily, most VPN providers like Avira have a vast range of servers to choose from, so you can pick another one. If you’re travelling, always be aware of local regulations that may govern the logging and saving of user data. VPNs are completely illegal in North Korea, Iraq, Turkmenistan, and Belarus, for example.
Q: I’m in a 5-star hotel. Is the Wi-Fi safe?
A: Hotels are there for comfort, not the cybersecurity of their guests, so regardless of how highly you may rate the room or breakfast buffet, don’t be tempted by the guest network unless you’re using a VPN. All the usual rules apply. The security of hotel Wi-Fi will most likely be lax, with no proper data encryption, and when you log on, some hotels skip the guest authorization step altogether. Without a VPN you and your data are vulnerable. For example, cybercriminals can insert themselves as an invisible intermediary between your device and the connection point. The infamous DarkHotel hacking group uses unsecured hotel Wi-Fi connections to distribute malware!
Q: What VPN should I use?
A: Always choose reputable VPN providers, like Avira Phantom VPN. They must prioritize your privacy, help protect you with secure encryption that meets industry standards, while helping to ensure that your data remains hidden. They should also offer a range of servers globally and, ideally, a no-log policy of client data and online activities. Avira offers freemium VPN up to a data volume of 500 MB, as well as a pro subscription service.
Other advantages of using a VPN
By encrypting your internet traffic and hiding your real IP address, VPNs are an essential online privacy tool when you’re using public Wi-Fi. There are many other reasons to consider one:
Unblock websites: Hiding your IP address gives you the freedom to access more content than just what’s available where you’re traveling. So, if you’re abroad, choose a VPN server from home to watch your favorite show. The world truly is your digital oyster!
Evade tracking: Advertisers track your IP address to send you targeted ads. A VPN can thwart their attempts. It assigns you a different address with every connection, and none of them can be traced back to you.
Connect, collaborate, bank, browse, share…and do it all more securely: VPNs help encrypt your data on banking apps so you can carry out financial transactions and share other sensitive information on the go—plus information that’s not so sensitive. If the online world absolutely needs another picture of your cat before you board a plane, a VPN grants you safer access to your favorite social media sites so you can “like” and post anywhere.
For more detailed information on virtual private networks, including the different types, and how to connect them, see this article on how “A VPN helps protect your online privacy”.
Follow these public Wi-Fi safety tips
Never rely on technology alone! Without safe internet habits, you could be your own worst enemy, and a hacker’s delight. Follow these top tips to help you stay safer online, even when you’re using public Wi-Fi. And remember: You can use Avira Phantom VPN on your PC, laptop, or mobile device, across all major operating systems: VPN for Windows, VPN for macOS, VPN for Android, and VPN for iOS.
Don’t leave your device unattended—and always sign out. Make it a habit to take a device like a smartphone with you instead of leaving it on your desk or a table, even if you’re only popping away for a few minutes. Small mobile technology is so easy to snatch and if you leave it unlocked, you’ll also grant the thief easy access to your data, online accounts, emails, and more! If you’re working in a public area, be watchful of your possessions and surroundings—and when you’re not using your portable device, keep it in a secure case (and always log out, of course).
Never connect to a random Wi-Fi network just because it’s there. If you’re looking to use the network in a restaurant or coffee shop, for example, ask staff for the exact name you need to search for. Then when a list of network options appears on your screen, you can select the correct one. Remember to double-check the spelling to help thwart evil twins!
Disable automatic connections. If you don’t turn off the “Connect Automatically” feature, your device will search for known Wi-Fi networks and might latch onto a hotspot that poses a threat—like a fake network.
Avoid logging into confidential accounts. Can it wait until you’re at home or back at your desk? Accounts that hold sensitive information, like bank accounts, can be a treasure trove for hackers snooping around a public Wi-Fi network.
Turn off file sharing. This feature is helpful when you’re working via a secure network, like at home, but it can be a recipe for disaster in public hotspots. If you keep file sharing on, your folders could be accessed by anyone connected to the same public network.
Use reputable anti-malware. This applies wherever you go online, but it’s especially important if you’re diving into unsecured networks. Trusted anti-threat protection can help shield you from even the latest viruses, worms, ransomware, and more.
Keep your software up to date. Out-of-date software and apps may contain security loopholes that are happily exploited by cybercriminals. Software updaters can help rid you of update reminders and aging software and drivers. Avira Free Security takes a handy, multi-pronged approach and blends antivirus with a software updater, VPN, and more.
Enable two-factor authentication. If a password is compromised, two-factor authentication will help keep unwanted visitors at bay as they’ll need a second verification mode (usually an email or mobile phone number) to access that online account. Then if an unauthorized user fails the two-factor authentication process, you’ll be alerted and can act quickly to change your password.
Only browse HTTPS websites and learn how to check website safety. Website addresses that start with “HTTPS” are encrypted, adding an extra layer of security to help make your browsing more secure.
For further reading, see these five tips on how to keep your personal information safe (and what to do if your data is compromised).
Choose Avira to safely connect to public Wi-Fi
Connecting to hotspots more safely can be simple with free Avira Phantom VPN: VPN for Windows, VPN for macOS, VPN for Android, and VPN for iOS.
It uses the 256 Advanced Encryption Standard (AES-256), which was originally adopted by the U.S. federal government, and has evolved to become an industry standard for securing data. In just a few clicks you’ll have access to a range of server locations around the globe, so advertisers, snoops, and anyone trying to track you will be unlikely to know where you really are.
Public networks can present a wonderful opportunity to work, play, and connect as you move about. But it’s essential to take action: Help protect your sensitive information when using them by always switching on your VPN.