What are the risks of using public WiFi?

green text and binary on black screen

Monday, 19 August, 2019

Although 4G provides a perfectly adequate method of data connectivity while we’re out and about, most of us are happy to utilise open networks periodically.

Traditional stone buildings often block cellular connectivity, while many parts of the UK only enjoy reasonable signal strength outdoors.

In shopping centres, basement cafés and rural hotels across the land, open WiFi networks provide a practical way to get our smartphones and laptops online.

However, there’s a problem.

Although these hotspots are generally free, security tends to be lax – or completely absent.

Businesses aren’t going to throw significant sums at cutting-edge data encryption for a free service. And anyway, that would make it harder for occasional visitors to get online.

As a consequence, public WiFi risks are more significant than people generally realise…

Hotspot or notspot?

A survey conducted last month by cybersecurity company Bullguard uncovered some startling revelations about our attitudes to public WiFi.

Firstly, it revealed that forty per cent of survey respondents would automatically try and connect to any wireless network whose name matched their location.

In other words, they wouldn’t bother to check whether it actually was a WiFi network provided by their host, or a spoof network set up by cybercriminals to trick the unwary.

Connecting to the latter might get a device online, but every bit of data sent and received would be monitored – and potentially reused to commit theft or fraud in the victim’s name.

Less than one in five people invested any time or effort in checking network security. And few claimed to be concerned about logging onto a network without needing a password.

A thief’s treasure trove

Bullguard also revealed over a third of daily public WiFi users are happy to distribute sensitive information across insecure open networks which anyone can snoop on.

Logging into online banking, completing ecommerce transactions and accessing password-protected accounts are just three examples of irresponsible data sharing over public networks.

Bullguard describes this as “choosing convenience over safety”. And they’re not wrong.

Public WiFi risks include so-called man-in-the-middle attacks. That quiet chap on a laptop in the corner could be studying every data packet sent from every device over an open network.

From identity theft to password cloning, this treasure trove of information is far easier to access than over a domestic WiFi network, where WPA2 encryption comes as standard.

Shockingly, over 60 per cent of people have devices set up to automatically connect to the strongest WiFi signal, irrespective of its authenticity.

Minimising public WiFi risks

With almost half of people believing antivirus software will protect them from cybercrime across insecure WiFi networks, many of us clearly need an education on staying safe online.

Firstly, remember any public WiFi network represents an easy target for eavesdroppers. In a café, they can even enjoy a latte and an Empire biscuit while they target unwitting victims.

Secondly, avoid conducting any financial or ecommerce transactions over a public network – crooks won’t be especially interested in web browsing or mundane work emails.

Connect to the internet through a VPN, or use the Tor browser. This prevents man-in-the-middle attacks by fully encrypting every data packet sent to and from your device.

If your device’s screen isn’t fitted with a privacy filter to prevent spying from oblique angles, be mindful of people nearby who might be able to view your keystrokes or screen contents.

Be wary of any public networks which don’t ask users to accept terms of service prior to getting online – these could well be bogus networks set up by criminals.

And rather than using apps, visit HTTPS-certified desktop websites instead.

If in doubt…

Finally, if you have any doubts about a network you’ve connected to, disconnect and tell the device to forget the connection.

Clear your browser cache, run malware checks and change any passwords on accounts accessed during this browsing session.

You should also report your suspicions to staff, in case the network actually is fraudulent or compromised.

This might even encourage them to upgrade the security offered by their WiFi networks…

Neil Cumins author picture


Neil is our resident tech expert. He's written guides on loads of broadband head-scratchers and is determined to solve all your technology problems!

News What's the story?

Keep up with the latest developments in UK broadband.

Openreach change lanes and abandon G.fast

All current plans for G.fast deployment are officially under review.

Openreach change lanes and abandon G.fastOpenreach change lanes and abandon G.fast Read more

Facebook sinks deeper into hot water

A US federal judge calls Facebook's privacy policy "so wrong".

Read more

Extra security for Firefox browser upsets ISPs

Broadband customers get cutting edge security for free, but ISPs don't want you to have it.

Read more

100 towns get up to £25 million for better broadband and transport

New funding will "level up" towns across the North of England and Midlands

Read more

Help Learn with us

Make the most of the internet with our broadband library.

Are your smart gadgets safe from malware?

Stay smart about the threats to all of your devices

Read more

Should you set up a public WiFi hotspot?

Read more

Why do I need a landline to get home broadband?

Read more
Back To Top