Is Public or Unsecured Wi-Fi Safe?
That’s the question Alec Daniels wanted to answer when he attempted to hack into a public Wi-Fi hotspot. In less than 17 minutes, Daniels took over the network and distributed phishing emails to everyone connected [*].
What makes this hack even more impressive is that Alec Daniels is 86 years old.
Luckily, Daniels is an ethical hacker (someone who hacks to highlight and remedy cybersecurity vulnerabilities). But malicious hackers also use public Wi-Fi and open networks to target their victims.
With almost 550 million public hotspots worldwide [*], cybercriminals have plenty of opportunities to ransack devices and victimize people and companies.
But what are the true dangers of using public Wi-Fi? What’s the worst that can happen when you log onto an unsecured network to check your email or post on social media?
In this guide, we’ll explain how cybercriminals hack Wi-Fi networks, the true risks of unsecured public Wi-Fi, and what you can do to keep your devices and personal information safe and secure.
How Do Hackers Break Into Public Wi-Fi Networks?
Wi-Fi hacking involves manipulating technology and/or human psychology to gain full access to a wireless network. The goal is to observe — and capture — all of the information flowing through it. This could include passwords, banking information, or personal data that can be used for identity theft.
Unfortunately, hacking Wi-Fi networks is notoriously easy.
Cybercriminals use a combination of technical know-how and free tools to sneak into networks. Or, as one ethical hacker put it [*]: “All you need is €70, an average IQ, and a little patience.”
With a minimal toolkit, scammers can launch any of these 7 most common attacks against Wi-Fi networks:
- “Evil twin” attack. This attack involves setting up malicious hotspots with seemingly trustworthy names (e.g. “Cafe free Wi-Fi”). When you connect, the hackers can easily intercept your data — including passwords, browsing history, emails, and other sensitive information.
- Man-in-the-middle attack (MitM). This occurs when bad actors break into a network and eavesdrop on data as it travels between connected devices and the Wi-Fi router.
- Password cracking attack. Scammers use software that automatically tries a huge volume of usernames and passwords to unlock a router’s management interface.
- Packet sniffing attack. This occurs when malicious hackers capture data units sent across unsecured Wi-Fi. Then, they can unpack the data to extract individual login credentials or financial information.
- Security vulnerabilities and/or misconfigurations. Sometimes default settings allow cybercriminals to log in as the router’s administrator, or plant malicious software on compromised devices.
- Encryption cracking. Hackers know how to break weak public Wi-Fi security protocols on unsecured networks.
- Wardriving. This happens when malicious hackers drive, bike, or even walk around with specialized equipment that scans for vulnerable public Wi-Fi connections.
The 10 Hidden Dangers of Public & Unsecured Wi-Fi Networks
- Victim profiling that can lead to identity theft
- Malware infections that give attackers full device control
- Password leaks that instantly compromise accounts
- Confidential data leaks with legal repercussions
- Financial fraud through Business Email Compromise (BEC)
- Data loss that disrupts lives and businesses
- Session hijacking that bypasses login security
- Account takeovers that expose you to identity fraud
- Phishing attacks that make you act against your better judgement
- Remote control of your devices through a botnet infection
Most people believe using public Wi-Fi is safe by default. But in reality, many networks use cheap routers and access points which lack essential security measures.
These 10 hidden dangers and unsecured Wi-Fi risks show how finding a secure connection is the exception — not the norm.
1. Victim profiling that can lead to identity theft
Using an unprotected Wi-Fi exposes you to having your identity mapped out and stolen.
Without encryption and other key security layers, bad actors can easily find out:
- Location data about where you’ve been recently.
- Personal information such as your interests, job, and marital status.
- Detailed financial information about your bank and credit accounts.
Cybercriminals use these details to create targeted cyberattacks. Unfortunately, you probably won’t even know you’ve been profiled until you see the signs of identity theft.
How victim profiling works
- The malicious hacker uses specialized software to see what you're doing (for example, uploading financial documents to a file sharing service).
- Next, they access your online activity history (e.g. websites you recently logged into).
- A quick online search enables them to find your employer, address, and even phone number.
- With this information, they create a phishing email — seemingly from your bank — that asks you to verify a suspicious transaction.
- You log into your account and essentially give your online banking credentials to the attacker.
- They use your credentials to log into your account and transfer funds to their own accounts.
How to avoid being profiled
Strong encryption is the best way to avoid exposing personal data. To stay safe, use a virtual private network (VPN) when connecting to any Wi-Fi hotspot — including your own.
2. Malware infections that give attackers full device control
Using a public hotspot without protection makes it easy for attackers to sneak malicious software (malware) into your device.
Scammers can inject an infected ad into a seemingly safe website, trick you into filling out a phishing form, or even fool you into installing a fake app that records everything you type.
How malware infections work
- You visit a website that you know and trust, with its usual ads displayed.
- You get a pop-up that alerts you about a malware infection on your device and offers a (fake) antivirus product.
- You install the software, giving the attackers remote access to your device.
- They collect data, passwords, financial information, and everything they can find. Only weeks later do you start to suspect that you’ve been hacked.
How to avoid a malware infection
Anti-malware and a VPN service are essential security layers that provide protection for your entire digital life. These tools work 24/7 to keep your device and data safe as you move from one Wi-Fi network to another.
3. Password leaks that instantly compromise accounts
Leaking your passwords is one of the most damaging public Wi-Fi risks because it gives malicious hackers direct access to your accounts.
The fallout is even worse with business login data. For example, tech giant Cisco got hacked when an employee’s personal Google account was compromised [*].
How password leaks happen
- When hacking Wi-Fi networks, bad actors use malicious tools specifically designed to look for passwords.
- These automated software programs capture passwords you’ve saved in your browser, typed into websites and apps, or shared in emails.
- Attackers then use your login credentials to access your accounts and change the passwords, locking you out.
How to avoid leaking passwords
Exposing company information can cause legal consequences or even get you fired. To reduce your risk of leaking passwords over Wi-Fi, start using a VPN and a password manager.
A password manager automatically fills in your login data into websites, hiding it from snooping and eavesdropping scammers. The VPN delivers your passwords through an encrypted tunnel, while also disguising your IP address.
4. Confidential data leaks with legal repercussions
Public Wi-Fi networks are notoriously prone to surveillance and interference from malicious hackers.
Login credentials, confidential contracts, invoices, two-factor authentication (2FA) codes: bad actors want them all. Communications giant Twilio was hacked when employees were tricked into handing over their company login data [*].
Your personal finances and job security are also at risk. An online session over public Wi-Fi can lead to an NDA (non-disclosure agreement) breach or to endangering your colleagues’ work.
How confidential data leaks happen
- While using public Wi-Fi, attackers harvest your work usernames and passwords.
- Then, they go through your inbox and find a conversation about an upcoming corporate acquisition.
- They forge an email posing as your manager, asking you to send over confidential documents.
- The attacker then sells the information on the Dark Web for a hefty price.
How to avoid leaking confidential data over public Wi-Fi
Whether you’re an employee or a business owner, it’s extremely important to be aware of security risks associated with using public Wi-Fi.
A strong cybersecurity suite that protects you and your employees is essential. So is avoiding sending, receiving, and talking about confidential information over open hotspots.
5. Financial fraud through Business Email Compromise (BEC)
In BEC scams, bad actors pose as known entities, making legitimate requests designed to defraud victims. According to the FBI, Business Email Compromise is one of the most financially damaging online crimes [*].
BEC scams can target anyone – from small local businesses to large corporations. In 2021, they caused $6.9 billion in losses, a 64% increase from 2020 [*].
How Business Email Compromise happens
- You’re buying a home and check your email for an update from your title company.
- You receive a message from them with instructions about wiring the down payment. But the immense time pressure makes you forget that you shouldn’t do this over public Wi-Fi.
- You wire the funds to make sure you close the deal before another buyer swoops in.
- But afterwards, you get a call from your title company saying that the deal didn’t go through. Instead, scammers used your personal information to trick you into sending them the money, and you’ve become the victim of deed fraud.
How to avoid Business Email Compromise
Scammers will spend significant time and money to try and trick you. So, it’s essential that you learn how to tell if an email is from a scammer.
Digital security education helps you become more cautious. It also trains you to develop safer reflexes, such as double-checking transactions. And, if the worst happens, having financial fraud and credit protection with included identity theft insurance can be life-saving.
6. Data loss that disrupts lives and businesses
Cyberattacks against open Wi-Fi networks also seek entry points into data storage platforms. This way, bad actors can damage or delete data instead of just stealing it.
Destructive malware attacks have been on the rise in recent years [*]. Attackers blackmail organizations for a ransom and threaten to delete important data. This can cause financial loss and impact customer trust.
How data loss happens
- Malicious hackers discover login details for a corporate file sharing platform while monitoring your Wi-Fi traffic.
- They log into the account and increase their privileges to administrator level.
- As the victim, you receive an extortion email with proof that the attacker is ready to delete extremely sensitive information unless you pay the ransom.
How to avoid losing sensitive data to Wi-Fi hacking
First off, don’t log into sensitive file-sharing services over public Wi-Fi. But if you must, make sure you’re using tools like a VPN to encrypt your data from snooping scammers.
Finally, always keep a backup of your most important data somewhere safe, ideally disconnected from the internet.
7. Session hijacking that bypasses login security
Through session hijacking,malicious hackers take over the connection between your device and the website or app that you’re using. This gives them the same rights that you have as a legitimate, logged-in user.
Cybercriminals covet the free rein this type of attack gives them. It allows them to take over your accounts or bypass website security measures without needing a password.
How session hijacking happens
- You use a cafe’s Wi-Fi to log into your online shopping account, not knowing that it’s been compromised.
- Malicious hackers then steal your session cookie — a small text file created on your device when you log in, which packs personal data. (This includes your name, home address, email address, location, etc.)
- The session hijacker then changes your password and goes on a shopping spree with the credit card attached to your account — or sells your account on the Dark Web.
How to avoid session hijacking
For safe online shopping, never store your credit card details in your online account, no matter how convenient it seems. And for added security, choose an always-on, all-in-one protection plan that combines device and online security with identity and financial fraud protection.
8. Account takeovers that expose you to identity fraud
Account takeovers happen when bad actors gain unauthorized access to your accounts and take full control of them. This could include your email, bank, or even social media accounts.
Since financial institutions hardened their authentication measures, cybercriminals have been focusing on account takeover tactics designed to get around these measures. That is why identity fraud via account takeover fraud (ATO) rose by 90% in 2021 compared to 2020, generating $11.4 billion in damage [*].
How account takeovers happen
- You’re in line at the coffee shop and decide to use this idle time to pay your electric bill.
- You log into your online banking app using the cafe’s Wi-Fi, which you’ve used before and consider safe.
- The malicious hacker two tables away hijacks your session or steals your password to get into your bank account.
- Once inside, they transfer funds to accounts they control, and harvest your credit card information to sell it on the Dark Web for up to $24,000 [*].
How to avoid account takeover attacks
Always use a virtual private network (VPN) to encrypt your data and anonymize your location. This is crucial whenever you need to log into sensitive accounts (banking, online shopping, email, etc.). It’s even better to keep your VPN on at all times, so you don’t have to worry about using these high-value services.
It also helps to know if your personal data — including passwords and SSN — gets leaked in data breaches or turns up on the Dark Web. This helps you know which of your accounts is at risk and offers you the chance to react promptly.
9. Phishing that makes you act against your better judgment
Phishing is a form of social engineering attack that uses deceptive messages to get victims to release sensitive information. This can include passwords, authentication codes, documents, and more.
By hacking into Wi-Fi hotspots, attackers can intercept network traffic and inject phishing attacks.
When you get phished, you’re not the only one who suffers. Attackers also get your list of contacts, which they can then target with even more phishing emails, text messages, and voicemails. Because it's very effective, phishing continues to be the most frequently reported type of cybercrime [*].
How phishing over public Wi-Fi happens
- You’re scrolling through your inbox while waiting for friends to join you for lunch.
- A new email arrives notifying you that someone’s been trying to access one of your social media accounts — and asks you to change your password.
- While on the restaurant’s Wi-Fi, you click on the link, enter your current login details, and change them.
- A few hours later, you receive messages and calls from family and acquaintances asking if your account got hacked.
How to avoid phishing attacks
In 2021, U.S. consumers and businesses lost over $54 million to phishing [*]. So it’s wise to add even more layers to your cybersecurity ecosystem in order to reduce the risk of aggressive phishing attacks.
The Federal Trade Commission (FTC) recommends that you [*]:
- Use a robust security solution like Aura that includes a VPN and antivirus protection.
- Keep your software up to date.
- Turn on multi-factor authentication (MFA), which confirms your identity via face ID, fingerprint, or one-time codes.
10. Remote control of your devices through a botnet infection
A botnet is a group of devices infected with malware which an attacker can control remotely.
Botnet infections open your device — and everything on it — to additional spying and data leaks. Bad actors use botnets to distribute spam and phishing emails, hide their tracks, or take down online services through distributed denial-of-service or DDoS attacks. They also sell or rent botnets to other cybercriminals and scammers, making it a lucrative business.
How botnet infections on unsecured Wi-Fi networks happen
- While on public Wi-Fi, you visit a website that covertly displays malware-infected ads.
- The malicious code in the ad automatically scans for vulnerable elements in your browser.
- Through the right security hole, it drops malware on your device, which gives the attacker access.
- The hacker downloads additional malware and takes control of the device, without your knowledge.
How to avoid a botnet infection
Multi-layered digital security is the most effective approach to keeping all your devices safe — no matter what you use them for.
An ideal digital security suite must include five essential components:
- Device security
- Data protection
- Personal information monitoring
- Expert support for guidance
- Identity theft insurance
Aura combines all of these security layers into one single, easy-to-use platform.
How Can You Tell if An Unsecured Wi-Fi Network Is “Safe”?
Almost half of surveyed U.S. internet users trust public hotspots to keep their information safe. Yet most owners of establishments that offer free Wi-Fi aren’t more technically skilled than the majority of home users.
Your home network wasn’t set up by a cybersecurity specialist, and your favorite cafe’s Wi-Fi network wasn’t either. If you can’t tell if your home Wi-Fi was hacked, neither can they.
Unless you are connected to a professionally designed and secure network, assume all hotspots are unsafe.
In spite of this harsh reality, there are instances when you will need to use public networks, especially for remote work or emergencies.
Here are 10 ways to check if a Wi-Fi network is safe to use:
- You’ve confirmed with the establishment’s owners that the name of the network you want to use is the one that they set.
- You have to enter an annoyingly complex password to use it.
- Your VPN is turned on and working.
- Your antivirus software is up to date and running in the background.
- Your antivirus has traffic and content filtering capabilities.
- Your operating system, browsers, and other apps are up to date.
- You’ve quit any unnecessary programs, tabs, and applications.
- You’ve logged out of accounts you don’t need.
- You’re using a password manager to automatically fill in your credentials and multi-factor authentication (MFA) for accounts that support this feature.
- You have an ad blocker that works across browsers and apps.
Does “HTTPS” mean a website is safe to use?
A common misconception is that the “HTTPS” part of a web address automatically marks it as safe to use. This is no longer true — 82% of phishing websites [*] use encryption certificates to make them appear more convincing.
Instead, click on the padlock symbol near the URL to ensure that the site you’re visiting is using a secure connection, and that the security certificate is issued to the company you expect. (For example, any site that claims to be from Apple should have a certificate issued to Apple Inc.)
Remember, cybercriminals are quick to pivot to tactics that people trust. This makes it incredibly difficult to notice the deception without automated tools such as antivirus software.
How to Stay Safe On Public Wi-Fi
Before connecting to public Wi-Fi
- Turn on your VPN.
- Clear your browsing history and cache.
- Check that your antivirus is up and running.
- Turn off bluetooth discoverability settings to avoid others forcing your device to connect to theirs.
- Make sure you’ve turned on two-factor or multifactor authentication (2FA or MFA) for your most important accounts.
- Disable auto-connect to avoid having your device forcibly linked to Wi-Fi networks.
While using public hotspots
- Only connect to networks offered by entities you can tie to a physical location.
- Log out of any account that you don’t need to use while online.
- Close and/or quit applications that you don’t plan on using.
- Store all your passwords in a password manager and use it to autofill your login data.
- Avoid filling in sensitive information (passwords, credit card details, SSN, home address, etc.) while connected to public networks.
- Keep your list of saved Wi-Fi networks limited to only those you truly trust.
After disconnecting from a public network
- Scan your devices for malware with antivirus software.
- Restart your device — This can help break the connection between it and a potential attacker.
- Purge networks you don’t need from your preferred network list.
- And, if you have the option, use your mobile hotspot instead of public Wi-Fi.
The Bottom Line: Stay Safe Online, in Public, and at Home
Online security doesn’t have to be a constant trade-off between safety and convenience.
Despite Wi-Fi hacking and malware threats, using public hotspots is still an option, under one condition: that you have all-in-one protection that takes care of all the devices and data in your digital ecosystem.
For protection against scammers, hackers, and Wi-Fi snoopers, consider signing up for Aura.