You think you're logging into the coffee shop's Wi-Fi network to check your email. But you may actually be connecting to a crook.
Scammers have gone public, invading libraries, airports, hotel lobbies, coffee shops and other spaces that offer public Wi-Fi network connections to the Internet.
See also: Keep your information private online.
With hacking tools that are easily available online, sometimes for free, scammers can create their own parallel wireless networks that mimic the name or look of a bona fide establishment's hot spot. So you think you're on the shop's network, but you're really on the hacker's.
Or you can be specifically targeted after you've connected to a shop's network with your laptop or smartphone. The hacker, perhaps someone sitting at a table just across the room, is able to intercept your transmissions and read them.
The crook knows what you may not, that many Wi-Fi networks are not secure, allowing for easy pickings of your personal data — email addresses, cellphone numbers and passwords. And if you bank or shop online while connected to these networks, your financial account numbers are at risk, too.
So if you use Wi-Fi in public spaces, follow these 10 tips to safeguard your information:
How to protect yourself
1. Set your laptop or smart phone so you have to manually select the Wi-Fi network. You may need to change the default setting.
2. Make sure you know the exact name of the establishment's Wi-Fi network and connect only to it. Don't be fooled by look-alikes.
3. Avoid any hot spot that your device lists as "unsecured." Keep in mind that even if a password is required, a hot spot can still be unsecured.
4. If your device shows the site as secured, pay attention to what kind of encryption it lists. WEP (Wired Equivalent Privacy) is an early system, dating from over a decade ago. If it's WEP, treat the network as not secure. WPA (Wi-Fi Protected Access) is better, and WPA2 is best of all.
5. If you send personal data over a Wi-Fi link, do so only to an encrypted website. You can tell a site is encrypted if you see the letters "https" (the "s" stands for "secure") at the beginning of its Web address. Also, look for a lock icon on the top or bottom of pages throughout the site.
6. Before using a public Wi-Fi network, install such software as Force-TLS and HTTPS-Every where, which are free add-ons to the Firefox browser. They make sure you use encryption features available on websites you visit. Virtual private network software — some of it free, some not — can also add security.
7. As with your home computer, change your passwords frequently and make them hard to crack by including digits and symbols. Use different ones for different websites.
8. Keep your security software up to date and pay attention to on-screen warnings.
9. Turn off Wi-Fi when you're not using it.
Sid Kirchheimer is the author of Scam-Proof Your Life, published by AARP Books/Sterling.