Students have been issued a warning over using public Wi-Fi networks to transfer money or share personal information, as they start university this month.
Šarūnas Karbauskas, a cyber-security expert at VPNPro explains that although many publicly accessible Wi-Fi networks are generally deemed safe, he warns that students still risk sharing personal information online if they don’t take precautions.
“A common misconception is that if a public Wi-Fi network requires a password to connect your device, then your personal information is entirely safe from cybercriminals, which simply isn’t the case”, Šarūnas explains.
“While password-protected Wi-Fi networks are definitely much safer than password-free networks, you can still be vulnerable to potential online attacks when entering personal information online.”
Password Vs Password-free Wi-Fi networks
Šarūnas adds, “Most public Wi-Fi networks, such as in cafés, pubs and restaurants, are password-protected which means that your data is encrypted when you are browsing online.
“This means that if someone outside of that network intercepts your connection, they won’t be able to understand the data and are unlikely to be able to do anything with it.
“If you connect to a public Wi-Fi connection that doesn’t require a password however, your data is not encrypted, which means that all information you enter online can be captured by anyone within range of the network. This includes any personal or banking information you may have entered.
“Using a password-protected Wi-Fi connection is much safer but can still pose some risk, however. If your café's Wi-Fi router uses old-school WEP encryption for example, every user’s web traffic is encrypted using a single key which means that anyone on the network can see what you’re doing.
“Most Wi-Fi routers should now employ the WPA2, or the more advanced WPA3 protocol, which both provide a greater level of protection.
“To check which type of security your Wi-Fi network uses, Windows users can go to Wi-Fi settings and click on the network they are connected to, and it will be under ‘Security type’. Mac users can hold down the ‘Option’ key and click on the Wi-Fi symbol in the top right corner of your screen, to show the Wi-Fi's security type.”
Tips for staying safe on public Wi-Fi networks
Sometimes you may need to use a public Wi-Fi network. In these cases, there are several precautions that you can take, to reduce the risk of revealing your personal information to cybercriminals.
1. Verify the Wi-Fi connection
If you are at a café or pub, ask a member of staff if you are about to connect to a legitimate Wi-Fi connection, as cybercriminals often imitate Wi-Fi hotspots in order to intercept sensitive data.
Referred to as an ‘Evil Twin Attack,’ hackers will often create a fake Wi-Fi hotspot using the establishment’s name or something enticing such as ‘Free_Pub_Wi-Fi' to hoodwink customers into connecting to their bogus network, before then snooping on their web activity.
Remember, most public Wi-Fi networks will be password-protected and will encrypt your web traffic, which should provide you with a greater level of protection from hackers.
2. Enable your device’s Firewall
Most modern laptops come with a built in Firewall, which shields your computer from malicious network traffic and helps prevent unauthorised access to your laptop.
For Windows 11 users, your laptop’s Firewall should be automatically enabled. To check it is enabled go to: Start > Settings > Privacy & security > Windows Security > Firewall & network protection > Windows Security settings. Then ensure that it is enabled for Domain network, Private network, and Public network.
For Mac OS users the Firewall isn’t always enabled as standard. To enable this, go to: System Settings > Network > Firewall > Click the toggle to enable.
3. Enable HTTPS only mode
When online, make sure there is a padlock symbol next to the URL of every website, as this ensures the information passing between your device and the web server is encrypted, preventing most third parties from spying on it.
Most browsers will do this by default, but you can switch on a ‘HTTPS only feature’, which will automatically move you to the secure HTTPS encrypted version of a website if you happen to end up on the unencrypted HTTP version.
To enable HTTPS Only mode on Google Chrome, open the application and select: Settings > Privacy & Security > Security > Toggle on ‘Always Use Secure Connections’
Safari users can update their operating system to macOS Big Sur and macOS Catalina in order to use Safari 15, which automatically enables the HTTPS Upgrade feature.
4. Never install software or certificates
A free public Wi-Fi network should never ask you to install any additional software or certificates to use it. If it does, this could indicate that you are connecting to a fraudulent network.
5. Avoid logging into or checking sensitive information
Hold off on logging into banking, social media and email accounts or entering any personal information on public networks until you get home, even if you are using password-protected public Wi-Fi.
6. Enable two-factor authentication Make sure that any important personal accounts require two forms of verification in order for you to access them. This way, if someone successfully intercepts your password and tries logging into one of your email accounts, you will receive a text to confirm that it is actually you trying to log in.
7. Set up a mobile hotspot if possible If you are unsure of the legitimacy of a public Wi-Fi network or the network is not password protected, try to use mobile data on your phone when possible and set up a mobile hotspot if you are working from a laptop.
8. Use a VPN A Virtual Private Network, or VPN, uses tunnelling protocols to ‘wrap’ your data in a layer of encryption so that anyone intercepting it cannot make any sense of it, as well as concealing your true IP address.
A VPN should provide you with the greatest level of protection from online attacks, even if you are browsing the web on a password-free public Wi-Fi network. There are several free VPNs online, but more reliable ones will cost you a couple of pounds per month.