By now everybody is aware of the dangers out there when using WiFi hotspots, isn’t it? Well, according to recent reports surprisingly that isn’t so: Juniper Research, for instance, revealed that only 5% of global smartphones and tablets had security software installed, even though those devices account for 57% of hotspot connections, according to the Wireless Broadband Alliance; and Harris-Interactive found out that 53% of smartphone and 70% of tablet owners use public WiFi hotspots, but neglect to use effective security and anti-malware products, that way keeping the doors wide open for cybercriminals to steal personal information, banking credentials, account passwords and other valuable information.
Threats are simply lurking everywhere in cyberspace as there are plenty of eyes on public WiFi networks that intercept data transferred across the link. Since hotspots use radios to transmit data over the public airwaves, the information traveling is by definition not private and can literally be grabbed out of the thin air, making it a favoured spot for fraudsters, too.
So take proper precautions, and make sure that confidential information can’t get stolen, by considering the following useful tips from the Kaspersky Lab team:
Be aware that any public WiFi is inherently insecure, so be cautious. It is safe to assume that you are not alone and keep in mind that any device could be at risk - such as laptops, smartphones and tablets. Therefore, treat all WiFi links with suspicion and don’t just assume it’s legitimate, rather check it. It could be a bogus link that has been set up by a cybercriminal that’s trying to capture valuable, personal information from unsuspecting users.
Question everything: Don’t connect to an unknown or unrecognized wireless access point, instead try to verify that it’s a legitimate wireless connection. Some bogus links, set up by malicious users, could have a connection name that’s deliberately similar to the coffee shop, hotel or venue that’s offering free WiFi. If you can speak with an employee at the location that’s providing the public WiFi connection, ask for information about their legitimate WiFi access point — such as the connection’s name and IP address.
Use a VPN (virtual private network): By using a VPN, when you connect to a public Wi-Fi network, you’ll effectively be using a ‘private tunnel’ that encrypts all of your data that passes through the network. This can help to prevent cybercriminals that are lurking on the network from intercepting your data.
Avoid using specific types of website. It’s a good idea to avoid logging into websites where there’s a chance that cybercriminals could capture your identity, passwords or personal information — such as social networking sites, online banking services or any websites that store your credit card information.
Consider using your mobile phone, if in doubt. If you need to access any websites that store or require the input of any sensitive information — including social networking, online shopping and online banking sites — it may be worthwhile accessing them via your mobile phone network, instead of the public WiFi connection.
Protect your device against cyberattacks. Make sure all of your devices are protected by a rigorous anti-malware and security solution and ensure that it’s updated on a regular basis.
Use long, strong passwords: Use upper and lower case letters, numbers and symbols, and different passwords for each site – and make sure to uncheck the box that automatically saves them.
Disable features that automatically connect your device to any available network. This will prevent you from accidentally connecting to a fake WiFi hotspot or a stranger’s computer. It’s recommended to disable printer and file sharing options, too. As a rule of thumb, log out of all websites and turn off wireless connectivity when you are not using it.
And last but not least avoid, if possible, logging in to websites that do not have secure log-in pages, indicated by the padlock in your browser and https in the URL. But keep in mind that an encrypted website only protects the information sent to and from the site, it does not protect what’s sent over public WiFi hotspots.
By Daniela La Marca