Using public WiFi? Beware of risks involved…

Whether you are sitting at a metro station, restaurant or a hospital lobby, a free wi-fi signal always prompt you to enjoy the service. Why not? What’s the big deal in leveraging the service offered? Well, free wi-fi is just another way of offering good customer care. But, there are some cons of using this service. Definitely, the one who is offering has no intention to harm you in any way… but remember, there are always bad elements in the society roaming around.

You can easily get connected to public access points or ‘hotspots’. You necessarily need not a password to establish a connection. In such networks anyone can transmit or receive data packets through radio waves. And, for attackers, it is very easy to barge into data that is not addressed to them. There are more than one ways that can easily hamper your personal information that you are accessing on a free wi-fi network.

Encryption normally helps protect your network traffic from prying eyes. For example, even if your neighbor at home is within range of your Wi-Fi network, they can’t see the web pages you’re viewing. This wireless traffic is encrypted between your laptop, tablet, or smartphone and your wireless router. It’s encrypted with your Wi-Fi passphrase.

When you connect to an open Wi-Fi network like one at a coffee shop or airport, the network is generally unencrypted — you can tell because you don’t have to enter a passphrase when connecting. Your unencrypted network traffic is then clearly visible to everyone in range. People can see what unencrypted web pages you’re visiting, what you’re typing into unencrypted web forms, and even see which encrypted websites you’re connected to — so if you’re connected to your bank’s website, they’d know it, although they wouldn’t know what you were doing.

Inappropriate data gathering
Sometimes you unknowingly, leave your social identity impressions while using these hotspots. You often get browsing cookies prompt in order to continue the browsing. Accepting cookies on a home network won’t cause you any harm. But on a public wi-fi, these cookies can be used to track your browsing history. Any third party or an attacker that has discovered your browsing history including your login details to banking sites and social sites can severely affect you.

Try to surf without accepting cookies or if you have accepted the cookies, delete your browsing history after completing the surfing session. This won’t guarantee complete protection from attackers, but prevent future attacks to great extent.

Sniffing four-way handshake
Nowadays many sniffing applications have been developed to decrypt the network activity. Generally, these applications sniffs fourway handshake. Four way handshake is essential to get connected to wi-fi network. Even if the attacker doesn’t have the Pre-Shared Key (PSK), he may try to sniff the data itself and then try to use brute force to discover the key.

Website spoofing
Website spoofing has become a very common way of fooling users to steal their information. In a public wi-fi, users often come across pages where they are asked to provide login information in order to access some information, or before joining the free wi-fi network. The first step to trap the user is creating a hotspot name similar to the venue. When we carefreely join the network, we ourselves are putting our security into risk.

So… What are safe ways of using public wi-fi?
The first and the foremost technique of saving yourself from attackers is not to visit any website that requires personal details. Reading articles, surfing blogs, watching generic videos, playing online games (but without providing personal details) are safe ways to utilize free wi-fi services. Try not to login to any social sites, upload personal videos or photos, banking sites or any other financial institution site on public wi-fi.

Use a VPN (virtual private network). VPNs create a network-within-a-network solution to keep everything you do on public Wi-Fi private. Even on a password-protected network, people can still intercept the signal. VPNs can help make you invisible, allowing you to check sites without worry.

Surf only secure websites with https. Anything which is suspicious, or pop-ups should be avoided. Even mobile applications are not safe. If you are using a shopping app, news app or ticket booking app… there are chances of barging into your private data, as mobile application don’t have proper encryption. If something urgent need to surfed immediately, try using mobile data, instead of public wi-fi.

Installing browser add-ons or plug-ins can help. For example, Force-TLS and HTTPS-Everywhere are free Firefox add-ons that force the browser to use encryption on popular websites that usually aren’t encrypted.

In the end, we can just say that nothing is secured over web. But protecting yourself from frauds and attackers is in your hand. Be aware of what you watch and surf. And, don’t forget to keep an eye on ‘shoulder surfers’, that keep a tab of what you are typing and surfing.