Next time you’re in a public space with guest WiFi, take a moment to look around and consider who else is here.
Could you say confidently that nobody else in the room is a computer hacker?
Unless the room is empty, filled entirely with people you know or populated with pensioners, the answer is probably no.
And if that’s the case, there’s a strong argument for being very careful about the information you distribute across an insecure publicly-accessible WiFi connection.
The threat is real
Public WiFi network security isn’t a topic which receives much press coverage, though it unquestionably should.
If you’re logging onto online banking, sending HR emails or completing a purchase as a guest on someone else’s WiFi, the information you send can easily be intercepted.
All it takes is someone in the room with software capable of viewing the individual data packets being sent and received, quietly harvesting a treasure trove of personally identifiable information (PII).
As you’re doing one thing, they could be doing another – maxing out the credit card you just made a purchase on, or seeing which online accounts the password you recently entered unlocks.
If you can read the WiFi password behind the counter, so can everyone else, placing their devices right alongside yours.
This form of spying is a pernicious problem, while the identity and financial fraud it often heralds require no introduction.
However, this doesn’t necessitate avoiding using public connectivity entirely, sticking solely to 4G or 5G mobile data.
There are plenty of public WiFi network security tips which will ensure any PII you send or receive can’t be intercepted, interfered with, spied on or stolen.
Improving public WiFi network security
Firstly, only use open WiFi for generic purposes – browsing the web, sending personal emails or scrolling through social media timelines.
Online banking and your driving licence renewal can wait til you’re back at home on a WPA2-protected broadband connection.
Similarly, download streaming content in advance rather than doing it in situ, and avoid in-game purchases when payment data might be intercepted.
Stick to using encrypted HTTPS websites, restrict (or prevent) file sharing, and don’t hand over PII to the WiFi host unless you’re comfortable with what’s being requested.
Don’t assume stored payment details are entirely safe, though they’re preferable to manually entering card numbers in public.
If you must send and receive confidential data, log into an intranet or install a VPN app.
Basic VPNs are free to use, though advanced ones offer greater anonymity. They create a secure tunnel for two-way information sharing which can’t be permeated by rogue agents.
You could elevate security even further using the Tor browser, which scrambles data around the world. However, Tor may be impractically slow when running over public WiFi connections.
It’s also important to remember you may inadvertently reveal PII simply by typing it on-screen.
Wherever possible, ensure login passwords appear as asterisks. Don’t write anything you’d be upset if the person behind you could read, and log off before leaving a device unattended.
Even a quick trip to the cash desk or toilet might enable someone to pillage an unattended tablet or laptop for PII, ready to resell it or exploit it.
Plus, if they simply walked out with your device, it’s unlikely your insurance company would pay out in response to an unattended item theft.