The question most of us ask when we get to a restaurant or event – or even one of the major determining factors as to whether you’ll eat at a certain café – is if there is free and strong Wi-Fi. Wi-Fi has significantly changed the way we work and play, enabling us to interact with the digital world from anywhere in the physical world.
The good news is, free Wi-Fi access is on the rise, from coffee shops to restaurants to international hotels. The bad news is, the convenience of free Wi-Fi comes with some real threats, from computer viruses to identity theft.
Even without the presence of active data hackers, your privacy is never guaranteed when you access a public hotspot. This is a phenomenon known as Third-party Data gathering. Some of the common techniques that hotspot providers use to obtain information about Wi-Fi users especially in the Nairobi CBD area in this manner include:
- Asking customers to leave their phone number or email in exchange for the PIN to access the Internet.
- Asking visitors to share something via a social network or give a program access to their social identity (e.g., to display targeted advertisements)
Another way that hackers steal your data is called page spoofing. What happens here is a hacker creates a fake version of a website in order to steal credentials. For example, you may be asked to “like” a page on Facebook before you can access the Internet and then be directed to a fake Facebook login page that looks like the real thing. As you log in, this fake page would record your credentials, show a login error, and then redirect you to the real Facebook page for a “second attempt” at logging in. Before you’re even aware of what has happened, your social identity and credentials have been stolen.
A while back, I lost very sensitive documents from my computer and after a visit from the guy who fixes my laptop, he told me that I had accidentally downloaded a virus masked as a software update. Since my broadband connection at home was acting up that week, I could only have picked up the virus from using public Wi-Fi in restaurants.
I learnt some of these things the hard way after taking advantage of public Wi-Fi – not just from restaurants – and I learnt that even though these are all real Public Wi-Fi risks, there is no way of keeping yourself 100% safe from hackers. This doesn’t mean that you should never use public Wi-Fi, however, there are certain simple-enough measures you can take to protect your data against attackers which include:
- As much antivirus protection and firewalls are essential methods of cyber defense, they are useless against hackers on unsecured Wi-Fi networks. So, before you connect to just any Wi-Fi network, always confirm the legitimacy of the network; do not rely on the name alone. If there are multiple access points for the same venue, ask a staff member which one to use. Similarly, be sure to read the Terms of Service carefully to ensure that your privacy will not breached.
- Keep your settings and apps safe by Turning off sharing: When you’re on a public network, you’ll want to turn things like Public Folder sharing settings off, as anyone can access them. Also, turn off Network discovery to prevent others from seeing your machine on the network.
- Use a Virtual Private Network, or VPN, to create a network-within-a-network, keeping everything you do encrypted. VPN basically lets you route all your activity through a separate secure and private network, giving you the privacy of a private network even though you’re on a public one.
- Always implement two-factor authentication when logging into sensitive sites, so even if someone does manage to get the passwords to your social media or email accounts they won’t be able to log in.
- Only visit websites with HTTPS or enabling SSL encryption when in public places, as opposed to lesser-protected HTTP addresses. This encrypts the data passed back and forth between your computer and the web server and keeps your data safe from potential hackers. Also, be aware that even if a website uses HTTPS for the majority of its content, the images on that website might still be distributed via HTTP since links are not typically encrypted. However, most current web browsers will warn you if this linked content is unsecure or when the certificate from a secured HTTPS site is not valid or verifiable.
- Turn off the automatic Wi-Fi connectivity feature on your phone, so it won’t automatically seek out hotspots. The longer you stay connected, the longer the chance of hackers noticing that you’re there. When you connect to any network on Windows, there’s a window that asks whether you’ll be connecting to a home network, work network or public network. Before I always used to choose work network, but the public setting as I later found out, naturally gives you the most security.
- Monitor your Bluetooth connection when in public places to ensure others are not intercepting your transfer of data.
- Never install software while using public Wi-Fi, as it could introduce viruses into your computer. For example, a common attack is to inform the user that his browser is using outdated Flash and then redirect the user to a fake Adobe website that will install a virus instead of the real software.
Here are some tips on how to secure your online accounts.
Featured image via www.drivers.com.