Last Updated on July 22, 2021 by Calvin C.
Free public WiFi hotspots are found in places like public transportation hubs, tourist attraction spots and community spaces. Although these WiFi hotspots provide easy access to the internet, you are at risk of falling victim to hackers. In this article, I look at 15 ways to give you public WiFi protection.
Free internet access is not something one can ignore and some companies capitalize on this to attract potential customers.
For example, you can find free a WiFi hotspot in any of these spots worldwide:
- Taco Bell
- Burger King
Connection to a public WiFi hotspot is so easy that a lot of people connect to it without thinking twice.
However, there are hidden dangers associated with public WiFi and I have compiled helpful tips to protect you when you use it.
A. Dangers of public WiFi
Not everyone who is connected to the free WiFi network is good, as public WiFi is a paradise for hackers.
Before I go through the tips to stay safe when using public WiFi, these are the dangers you need to look out for:
1. Man-in-the-middle-Attack (MITM)
In a MITM attack, a hacker creates a fake WiFi hotspot and tricks you into connecting to it.
The hotspot usually mimics one you are familiar with so that it doesn’t raise suspicion and like the genuine one, you are able to access the internet with no issues.
However, traffic passes through the hacker, so what you do online is not private as all the sites you visit are visible to the hacker.
Even confidential details like your username, password or email address are visible to the hacker.
For more details about a MITM attack, read this article I wrote.
2. Malware distribution
Hackers can also take advantage of a free WiFi network to distribute malware in vulnerable devices.
There are about 10 different types of malware, each performing a specific malicious action.
Since you are all connected in the same network, if your device does not have the necessary protection, a hacker can easily gain access and install malware directly.
In some cases, the hacker places adware in your computer or mobile device and ads that are displayed contain malicious links or take you to sites that have malware.
3. Session hijacking
This is a security threat in which a hacker’s computer is configured to mimic yours and this setup is used to access sites where you are logged in.
If a hacker gains access to your bank account or online wallet, you may lose all your funds to the hacker.
4. Stealing of your personal data
A lot of people store personal data on their devices and a hacker can take advantage of that.
This personal data includes:
- Email addresses
- Company data
- Photographs and videos
- Financial data
Armed with this data, a hacker can steal funds, cause reputational damage or even ask for a ransom.
5. Packet sniffing
A hacker can use a packet sniffer or packet analyzer to see what you are doing online when you are connected to a compromised public WiFi network.
As long as data that is transmitted is not encrypted, it is easily visible to the hacker.
While packet sniffers are bad in the wrong hands, they are normally used to troubleshoot issues with the WiFi network.
B. Public WiFi protection strategies
Sometimes a hacker combines the above tactics but fortunately, there are ways in which you can protect yourself from cyberattacks.
If you don’t follow these measures, you risk losing personal data or even funds in the bank.
Hackers like to capitalize on any vulnerability so it is best to make sure you prioritize the most effective preventive measures.
Now let’s jump into the ultimate list of strategies for public WiFi protection.
1. Avoid public WiFi
This is the most effective way to eliminate the risks of using a public WiFi.
Instead of relying on public WiFi, why not carry your own hotspot or use mobile data?
That way, only your device is authorized to access the internet and hackers are locked out.
Most ISPs offer portable WiFi routers or dongles, so as long as your ISP has coverage in your area, get your own portable hotspot.
Alternatively, you can subscribe to a hotspot service where you pay a monthly fee or you buy tokens for a top up.
This is not a foolproof solution but unlike a free hotspot, you will less likely run into script kiddies and seasoned hackers.
2. Don’t share any private data
If you have no choice but to use public WiFi, never share your private data over this network.
It’s risky to log into accounts protected by credentials like email address, username and password.
This means no checking your bank account, filing taxes online, checking emails or anything that exposes your personal data.
Never carry out any transaction on a public WiFi network because the risk involved is too high.
3. Enable 2-FA on your online accounts
2-factor authentication adds an extra layer of security when you log into an online account.
If you have an option to enable this feature, make sure you do it so that you don’t only rely on a password for security.
I recommend app-based 2-FA as it is more secure than SMS or voice 2-FA. SIM card fraud is one tactic used by hackers to intercept SMS messages used for 2-FA.
Authentication apps like Google Authenticator are more secure.
4. Use a password manager
Nowadays, a password manager is a must because you need a password that is long and complex for maximum security.
Pet names, birthdays or familiar names are out of the question because with a bit of social engineering, a hacker can crack that kind of password.
There are plenty of password managers out there and I recommend NordPass because it was created by NordVPN, a leading VPN provider.
A password manager automatically fills online login forms with a strong password and this password is saved as an encrypted file.
You have an option to save the encrypted file on your device or in the cloud.
The beauty of a password manager is that you don’t have to memorize any password and you can start using one for free.
5. Hide your activity with a reliable VPN
A VPN creates a VPN tunnel between your device and VPN servers. Your traffic is encrypted, you IP address is masked and you are protected from cyberattacks.
Hackers in the public WiFi network are not able to view your traffic so you can work with sensitive data in peace.
Remember, you need to use a trusted VPN because shady VPNs pose a security and privacy threat. Read more here.
For maximum security I recommend a premium VPN as you get access to all privacy and security features.
I recommend NordVPN as it is the overall best VPN. You can try it out for 30 days and if you are not satisfied, you get a full refund.
Use the link below which takes you straight to the best deal with a 68% discount.
6. Scan and remove malware from your device
Hackers can put malware in your device and this malware steals your data or even gives hackers complete control of your device.
Gone are the days when an antivirus alone was effective. Nowadays, you need a security suite that comes as a package with several features, including an antivirus.
A security suite contains:
- Browser protection
- Antibot scanner
- Parental control
- Cross-platform support
Make sure you keep the security suite up-to-date for maximum effectiveness.
In a public WiFi network, any malware that is installed in your device is likely to be picked up by the antimalware.
You can get view the top antimalware products here:
7. Disable WiFi auto-connect
In WiFi settings of your device, make sure you choose Ask to Connect option so that your device does not automatically connect to an available WiFi network.
Cybercriminals create a fake hotspot and if your device is set to connect automatically, you easily get hacked.
Here is how to disable automatic WiFi connection in major operating systems:
- Go to Network and Internet settings
- Select WiFi Settings then Change Adapter Settings
- Double-click WiFi connection
- In General tab, choose Wireless Properties
- In the Connection tab, uncheck Connect Automatically When This Network is in Range
You follow similar steps in older versions of Windows.
For the MacOS, you follow these steps:
- Open System Preferences either from the Dock or Apple menu
- Select Network (another way is to click WiFi icon in menu bar then choose Open Network Preferences)
- In the next window, click Advanced
- Select the WiFi tab and look for the network name that you don’t want to join automatically
- Uncheck the corresponding box and click OK
You won’t get login pop-ups from that network again.
You can prevent an iOS device from automatically joining a specific WiFi network by using these steps:
- Open the Settings App and select WiFi
- Look for the (i) next to a network name and tap it
- Toggle Auto-Join to off
In addition, you can stop your iOS device from asking you to join any nearby WiFi network. Use these steps:
iPhone: Go to WiFi Settings and disable Ask To Join Networks
iPad: Go to Settings >> WiFi >> Auto-Join Hotspot >> Never
In an Android device, follow these steps:
- Open Settings and go to Network and Internet
- Select WiFi then select WiFi preferences
- Toggle off Connect to public networks
8. Only visit HTPPS sites
Only visit websites that have HTTPS enabled as HTTP sites are not secure.
Cybercriminals sometimes create unsecure sites so that whatever you share on those sites falls into their hands easily.
Look for a padlock in the address bar as shown below and if it’s absent, that site is not secure.
Let me hasten to say even if a site has HTTPS, it may still be a malicious site so always be cautious.
9. Turn on WiFi only when needed
Make sure you only turn on WiFi when you need it.
If you keep your WiFi on, you risk joining a compromised network automatically.
10. Log out of visited sites
Make it a habit to log out of your online accounts when you are done.
If a hacker takes control of your device and you are still logged in, it’s easier to carry out an attack.
In the case where you signed out of your accounts, at least the hacker is faced with a strong password and 2-FA (if it is enabled).
11. Turn off file sharing
When you connect to a network with your computer, make sure the file sharing option is not enabled unless you really need it.
Hackers can capitalize on this feature if they break into your connection.
Here is how you disable file sharing:
- Open Control Panel
- Under Network and Sharing Center, click View network status and tasks
- Click Turn off file and printer sharing
- Then click Save changes
- Go to Apple menu and click System Preferences
- In the next window, click Sharing icon
- In the Sharing window, uncheck both Printer sharing and File sharing
- Close window
12. Keep the Firewall is enabled
A Firewall is does not provide 100% protection, but least it blocks malicious data packets.
You should always keep the Firewall enabled to protect you computer from certain types of malware attacks.
Check that it is enabled in your computer:
- Go to Control Panel and select System and Security
- In the next window select Windows Firewall
- If it is disabled, click Turn on Windows Firewall on or off
- In the Customize Settings windows, select Turn on Windows Firewall then click OK
- Click System Preferences in the Apple menu
- Then click Security & Privacy
- Click Firewall tab
- Click Turn Firewall on
13. Log into the correct network
Hackers may trick you into joining the wrong WiFi network by using SSID names similar to the network you want to join.
For example, let’s say you want to connect to a WiFi network at Peter’s Coffee Shop. You may find a scenario like this: Peter’sCoffeeShop, Peter’sKoffeeShop hotspots, with one hotspot created by a hacker.
If you are not careful, you end up joining a network controlled by the hackers and this is called a Man-in-the-Middle-Attack.
Once you join the wrong network, your traffic passes through the hacker so there is no privacy or security.
When you log in to any WiFi network especially in a public area, inspect the login page to make sure it’s the legitimate network.
To be safe, at least the provider must provide a password that you use to access the network, thus at least you know it’s the right network.
14. Keep your device and apps updated
This should be part of your cyber hygiene routine to make sure all your devices perform optimally.
Hackers take advantage of any vulnerabilities that may be caused by outdated software or apps on your device.
It’s best to set the updates to automatic so that you don’t miss any fresh updates.
15. Use WiFi Certified Passpoint (802.11u)
WiFi Certified Passpoint is a protocol that allows you to switch between certified WiFi Passpoint providers without the need for re-authentication.
This action takes place automatically and you don’t fall victim to fake hotspots created by hackers.
Your device has to be enabled for this feature to work but once this technology is ubiquitous, it will greatly reduce vulnerabilities of WiFi networks.
From the list above the number one measure I recommend when you use a public WiFi network is to use a VPN.
That way, all your activity is hidden from hackers in a VPN tunnel and our overall best VPN is NordVPN
What are your comments about public hotspots? Let me know in the comments and support us by sharing the article with your friends on social media.