FRAUD RESOURCE CENTER
En español | These days, it’s common for public gathering spots like coffee shops, grocery stores and airports to offer visitors an internet connection via free Wi-Fi networks, and a lot of us take advantage of the access. A 2016 AARP Cyber Security Survey of 800 U.S. adults found that about four in 10 use free Wi-Fi at least once a month.
It’s a great modern convenience, but also a risky one. Many public networks lack strong security protections, which makes it easy for tech-savvy scammers to break into them and take advantage of unwary users — many of whom are doing a lot more than just looking up restaurants or checking the weather. Among respondents to the AARP survey who had used free Wi-Fi in the previous six months:
- More than 72 percent used it to check personal email or social networking sites such as Facebook.
- More than 37 percent did banking online.
- Nearly 33 percent purchased products or services with a credit card.
That kind of activity increases the risk of identity theft by cybercrooks who exploit public networks’ security gaps to invade your phone, tablet or laptop.
One common trick is the “evil twin” hack: A scammer sets up a Wi-Fi network with a name similar to the one you’re expecting to use, hoping you’ll connect to it. Another ploy is to launch a “man in the middle” attack, where the hacker takes up a position between you and the Wi-Fi access point you’re trying to use so as to intercept your data. Once they get in, hackers aim to steal passwords and credit card information or scan emails in search of sensitive personal data.
That doesn’t mean that you should never use public Wi-Fi, but it pays to be careful and follow some basic precautions.
- A public Wi-Fi network lets you log on without entering a password. That means it probably isn’t secure.
- The network has a generic-sounding name like “Free Public Wi-Fi.”
- You’re asked to pay to use the connection. The Better Business Bureau warns that this may be a scammer trying to get you to enter credit card information so he or she can steal it.
- Do check your device’s settings to make sure that it isn’t set to automatically connect to any available Wi-Fi network.
- Do ask the staff at an establishment that offers free Wi-Fi for the exact name of its network, and make sure that’s the one you’re using.
- Do be careful about what you do on public Wi-Fi networks. It’s generally OK to browse the web and check news, weather or traffic.
- Do consider tethering your laptop to your phone and using your mobile provider’s data network instead of using public Wi-Fi. You may incur charges, but you’ll be more secure.
- Do consider signing up for a virtual private network, or VPN, if you travel extensively or use public Wi-Fi often. It will encrypt your data, even on unsecured public Wi-Fi networks.
- Don’t use a public Wi-Fi network to do online banking, make purchases, check email or use social media.
- Don’t trust that your mobile apps will be secure on a public network. The Federal Trade Commission (FTC) cautions that many apps don’t encrypt information properly. It's better to use them on your mobile provider’s data network.
- Don’t use the same password for all of your accounts and websites. That makes it easy for a crook who steals one password to gain access to other accounts.
- Don’t stay permanently signed in to your online accounts. The FTC recommends that you log out once you’re finished doing what you need to do.
Published December 3, 2018
More From the Fraud Resource Center