The Dangers of Free WiFi

As a connection to the Internet becomes ubiquitous in even developed countries, we've seen a proliferation of access points popping up all over the place. Every coffee shop to the bus stop has a WiFi point to help consumers gain easy access to the Internet. The attraction of free WiFi has become so popular that many restaurants use it as a drawcard to get and keep consumers on their premises.

While public WiFi has its conveniences and not paying for access to the Internet is a tempting proposition, it doesn't come without its fair share of risks.

An open WiFi is probably the most dangerous way to access the Internet for any consumer and exposes you and your device to an entire smorgasbord of issues.

Don't believe me? Then check out these 13 risks you expose yourself to when connecting to a public WiFi.

What are the risks of using public WiFi?

The same features that make free WiFi hotspots desirable for consumers make them desirable for hackers; namely, that it requires no authentication to establish a network connection.

This creates a fantastic opportunity for the hacker to get unfettered access to unsecured devices on the same network.

1. MITM attack

MITM (Man in the Middle) Attack is widespread risks that may harm you via eavesdropping when you are connected to the Internet. Users connected to the same network have the ability to place themselves between your device and the connection.

So when your PC sends data to a website or service, chances are the attackers will intervene so that your data isn't private anymore.

2. Unencrypted networks

Depending on how the WiFi is set up, it could be unencrypted; some stores do not bother to set up routers and allow you direct access to their modem. This type of access, usually, the encryption is disabled, or they could be using a router and have not set it up correctly. Do you trust your local barista with your internet safety? He might know his way around a cappuccino, but I doubt he knows how to create secure internet connections.

3. Malware Infection

Since more users are opting for WiFi, the sheer numbers make it an easy breeding ground for new victims. WiFi hopping malware and viruses are becoming increasingly popular and spread in unbelievable speed from one WiFi network to another due to dense population.

Recent reports have shown that some attackers are harming users who set up WiFi network via pop-up windows in hotels, motels and some other accommodation options. Meanwhile, software vulnerability is a weak spot. It is another target of the attackers who may write specific code to make the most of the susceptibility to infect your devices.

Ever wonder why Apple and Android are continually giving you OS updates that show no visible effect? Well, that's because they're patching vulnerabilities in their system.

4. Spying, Snooping and sniffing

WiFi snooping and sniffing is as its name implies. Cybercriminals can buy special software kits and even devices to help assist them with eavesdropping on WiFi signals. This technique can allow the attackers to access everything that you are doing online — from viewing whole webpages you have visited (including any information you may have filled out while visiting that webpage) to being able to capture your login credentials, online business, resources, account and password, browsing and chat histories and even hijack your accounts.

5. Malicious hotspots or honeypot hotspots

This "rogue access points" trick victims into connecting to what they think is a legitimate network because the name sounds reputable. Say you're visiting nichemarket's offices and want to connect to the office WiFi.

You may think you're selecting the correct one when you click on "nicheMarkt", but you haven't actually connected to the right WiFi. Instead, you've just connected to a rogue hotspot set up by cybercriminals who can now view your sensitive information. The owner of that WiFi could have set it up to view all your actions while connected via their honeypot access point. 

6. Password and username vulnerability

Using a public WiFi makes you and your employees vulnerable to having passwords and usernames stolen when you log on. Websites utilising a secure socket layer or TLS with HTTPs provide a needed level of security, but many sites do not implement these protocols correctly. Something as simple as not setting up the correct server-side redirects in your htaccess file of sites can be enough to expose all visitors login credentials on an open WiFi.

7. Exposure to worm attacks

Worms act much like viruses, with one key difference. Viruses must have a program to attack to successfully compromise a system, while worms can wreak havoc all by themselves. When connected to a public WiFi, you run the risk of a worm travelling from another device that's connected to the network to your computer.

8. Using your network for illegal purposes

Intruders gaining access to unsecured WiFi may use the network's bandwidth and resources for transactions and processes that may not damage the network of themselves but could have legal repercussions for the network hosts.

For example, the use of a network for the transmission of hate speech, illicit materials such as child pornography, or the movement of stolen documents and intellectual property could be going on without the knowledge or endorsement of the network administrators – but if the practices come to light, it's the WiFi providers who could end up paying the consequences.

9. Stealing your bandwidth

Users and administrators of unsecured corporate wireless networks may rest complacently in the mistaken belief that they're safe from the attentions of malicious outsiders. But the truth of the matter is that anyone who gains knowledge of an unsecured private/corporate WiFi network's existence (and is close enough to connect) may "piggyback" on the hotspot for their purposes.

At a basic level, this may be for personal gain, with unwanted visitors capitalising on the free bandwidth. On a more sinister level, multiple sign-on from unauthorised visitors could potentially overload the system by exceeding bandwidth limitations or the capabilities of network hardware, in the form of DoS attack.

10. Beware WiFi data capturing

When connecting to some open WiFi hotspots such as (airport, hotel, food court, etc.) you could be promoted to handover public information such as your email address or phone number. While you may be connecting to a legitimate WiFi that is protected, you have no control over where that contact information is going. Companies use this data to create data sets and interest sets tied to your internet history on their WiFi connection. They can then group this data into various interest sets and sell it on to 3rd parties who will then try t reach out either directly or indirectly with advertising.

11. Intercepting your login credentials

Even if the hotspot you're using isn't a spoof but is just merely unsecured, hackers nearby can eavesdrop on your connection to gather useful information from your activities. Data transmitted in an unencrypted form (i.e., as plain text) may be intercepted and read by hackers with the correct knowledge and equipment. This includes data from any services which require a login protocol.

In a 2016 survey, it suggested 58% of public WiFi users typically log into a personal email account, 56% access social media, and around 22% ignore all conventional wisdom and visit banking or commercial websites, that's a lot of login credentials, ripe for the picking. And cyber-criminals can use captured login information directly, to gain access to your accounts, or indirectly (selling credentials on to third parties, more comprehensive scale identity theft, etc.).

12. Interception of data in general

Clear text transmission of data over unsecured WiFi channels leaves other kinds of information open to interception, modification, and theft. This would include corporate data, intellectual property, images, media files, and the content of an unencrypted email or instant messages. So if you have any information on your phones such as private or important files, texts or photos, this could be used against you with something like a ransomware attack.

13. WiFi footprint

Did you know that your devices leave a public footprint each time you connect to another WiFi connection? Your SSID (The name you give your device) and your MAC ID (the unchangeable ID of your device) is passed on as public knowledge to Google and other service providers. This data makes it easier to trace your locations and movement, which is used for geofencing and advertising.

However, it can also be used by hackers to monitor your movements and find out when you access vulnerable access points. If you want to protect your right to privacy and privacy of movement to be exact, then it's best to stay off public WiFi.

Stay Protected

While there are steps to protect yourself while using public WiFi, prevention is always better than the cure. Even the most alert individuals can slip up from time to time.

Online protection and privacy become increasingly valuable, and data breaches are now a fact of life in this interconnected age, which is why you need to take great care in where you store your data and how you connect to the Internet.

Your yearning for a free connection to the Internet could end up costing you way more than you bargained for in the end.

Are you looking to promote your business?

South African businesses can create your free business listing on nichemarket. The more information you provide about your business, the easier it will be for your customers to find you online. 

Registering with nichemarket is easy; all you will need to do is head over to our sign up form and follow the instructions. If you require a more detailed guide on how to create your profile or your listing, then we highly recommend you check out the following articles.

• How to create a nichemarketer profile
• How to create a nichemarket business listing

Recommended reading

If you enjoyed this post and have time to spare why not check out these related posts and dive deeper down the rabbit hole that is digital safety.

• Why You Should Upgrade Your Site To TLS 1.3
• HTTPS Migration Check List For The Best Results
• Time To Go HTTP2 and Speed Up future Growth

Tags: WiFi, Online Security