You’ve probably been in this situation while traveling. You’re sitting in an airport or restaurant, and you check to see whether there is a free wifi connection. You find one in your phone settings, but you’re not 100% sure whether it’s safe to join. You’re torn between getting your notifications and messages, and keeping your data and privacy secure and safe. Should you connect to the free public wifi while traveling?
Why it’s risky
First off, we should probably discuss why it’s dangerous to jump on an unsecured wifi connection. I won’t get too technical, as I’m not a network security expert or engineer. However, to explain it simply, it’s not uncommon for hackers to scan other computers on the same network for open ports and vulnerabilities, or even intercept the transmitted data through packet sniffing or a man-in-the-middle (MITM) attack. In a man-in-the-middle attack, you might see a version of a site that you think is legitimate. Instead, it’s the hacker trying to intercept your personal data.
Or even worse, sometimes hackers can perform an attack known as an “evil twin” where they pretend to be the free internet hotspot. If you think about it, anyone can create a hotspot and call it “Free Airport Wifi” and wait for folks to join. In this scenario, any data that you transmit can be intercepted and compromised.
There are other ways that your data can be compromised, such as through sidejacking or session hijacking. We won’t get into all the details, but just know that there are many ways for bad folks to steal information.
Tips and considerations
With all the dangers of free wifi, here are some tips to protect yourself:
1. Use your mobile phone for data:
When I am traveling domestically, I generally avoid the free wifi connections at the airport and just tether my tablet and laptop to my phone. It’s a lot safer, and I don’t have to worry about whether the connection is legitimate. This option is not always available though, especially when traveling internationally or places where my mobile phone reception is not available or strong.
2. Stick to wifi connections that are provided by businesses:
This can be a tricky one, but if you have the option of joining a free airport hotspot or a free connection at Starbucks, I would suggest connecting to the one that is likely managed by a business. This doesn’t mean that the connection is safe by any means, but it might eliminate some of the potential threats, like the fake hotspot trick we discussed earlier.
Also, if you happen to be at a coffee shop and you see two similar hotspots, ask the clerk which one is the correct network. You may also want to alert them if you see a hotspot trying to spoof their network.
3. Be wary of sign-up pages:
It’s common for free internet connections to ask for your contact information. I would suggest using an alternative email address (e.g., a “burner” email) that doesn’t include your name, and possibly a different or shortened name when signing in. If someone is intercepting your data, you don’t want them to have your name or email as a starting point if they are trying to compromise your information through social engineering. Hackers can often compromise your identity using bits and pieces of information about you. Avoid giving them your contact information from the start.
4. Avoid transmitting sensitive data:
This one is tricky. Your phone and computer already send massive amounts of data behind the scenes, even when you’re not actively using your device. However, as a general rule, I avoid logging into any sensitive accounts, like my bank accounts, when on free and unsecured internet connections.
If you do need to access sensitive data, I suggest sticking to secure websites and apps. When using a web browser, make sure the address includes https, and that you see a padlock in the address bar identifying that it’s a secure connection. Apps are a bit more difficult to gauge. Most of the major banks have apps that transmit your data securely. However, some security experts recommend using mobile websites instead of apps for financial data since apps can sometimes accept bogus security credentials.
5. Make sure to log out of services when you’re done:
If you happen to be using services like Facebook or Gmail, make sure you log off before ending your session. It might seem like overkill, but it prevents someone from trying to continue using your open session. Also, many sites now offer the ability to log sign-ins, which is a good way to know whether someone might be trying to use your account.
6. Use a Virtual Private Network (VPN):
This is probably your best bet to ensure that your data is securely transmitted when connected to a free open wifi connection. These services route your traffic through dedicated and encrypted servers. It’s like having a secure tunnel for your data the moment it leaves your device where no one can peek inside or see where it’s going. There are several free and paid options out there, we personally use and recommend Private Internet Access whenever we travel. It allows us to connect to different secure servers around the world on our laptop and phone. As a bonus, we can often stream our favorite television shows since we are connecting through a US server.
Also, some high-end home network routers allow you to create your own VPN service, which is also a great option if you’re tech savvy and want to control the process.
There are a ton of other security precautions that you can take, and I’ll include a link below article that talks about configuring your firewall and share settings, especially on laptops. It’s unfortunate that we have to think about these things, and sadly, there isn’t a foolproof way to completely avoid the risks. However, you can definitely lessen the chances of your data being stolen by taking some small steps and precautions.
Do you have any tips or experiences with free wifi networks, especially while traveling? If so, please share them in the comment section.