5 Ways Hackers Use Public Wi-Fi To Steal Your Identity

Don’t you just love it when you find access to free Wi-Fi? In some situations it can seem like a real lifesaver… but cybercriminals are also quite fond of free Wi-Fi. For very different reasons, mind you. 

You see, a free Wi-Fi connection in a public space can give hackers access to your private data. So, what you may think of as a helpful link to the online world, hackers view as a way to get hold of your information. 

Thankfully there are ways you make yourself less susceptible, which we will go through in more detail a little later. But first, let’s have a closer look at public Wi-Fi and how hackers use this to try and get their hands on your sensitive details.

What Is Public Wi-Fi?

A public Wi-Fi hotspot is precisely as it sounds. It’s a way to connect to the Internet for free, usually made available in public places, like coffee shops, airports, libraries, and hotels. It’s a pretty practical benefit that people can take advantage of when they need to connect, especially those who work from home or travel frequently. 

Problematically, public Wi-Fi has become a dangerous online environment.

Here are 5 ways that hackers steal your information – perhaps even your whole identity.

1. Man-in-the-Middle Attacks (MitM)

An MitM attack is perhaps the most common of the cyberattacks associated with public Wi-Fi. In its simplest form, it’s where an attacker intercepts and modifies communication between two parties. What this means that when you join a public Wi-Fi connection, which offers little to no protection for users, a hacker can monitor your usage and intercept all the data that you enter – like your login details for social media, health insurance app, or even your bank’s website. 

2. Fake Hotspots 

You’re sitting in your favourite restaurant, Bingo Wings, cruising on your device when a hotspot named BingoWings123Free pops up. No harm in connecting for free so you can scroll your socials or login to your banking app to check fund before you order, but in doing so, you could be handing over all your private information.

There are a bunch of different names for this method, like ‘evil twin hotspot’ or ‘rogue hotspot,’ but our favourite is the ‘honeypot’ because hackers lure people in with free Wi-Fi, like bees to a flower. Once you’ve connected with the unsecure network, the hacker can intercept your data and steal your account names and passwords. They could also redirect you to illegitimate sites, such as phishing sites or malware, and can see the contents of any files that you download or upload.

3. Eavesdropping Attack

Also referred to as ‘sniffing’ or ‘snooping,’ this kind of cyberattack also involves taking advantage of people using an unsecure network – usually through connecting to a public Wi-Fi hotspot. The hacker downloads data packets through this network, stealing information that’s being sent or received by the user. 

Hackers then sniff around in their own time to gain sensitive financial and business information that they can sell for criminal purposes.

4. Sidejacking

Sidejacking, or ‘session hijacking,’ involves a hacker gaining unauthorised access to a website by using public Wi-Fi networks. Simply, your login information is sent over an encrypted network and verified using the website’s account information. This then responds by sending cookies to your device, which isn’t always encrypted. As a result, a hacker can take over your session and gain access to any private accounts you’re logged into.

5. Shoulder-Surfing

This isn’t exactly hi-tech, but it’s effective. All that’s required is for the criminal to hang about and peek as you enter your login details – particularly on private or sensitive sites, like your banking app or online shopping websites. It’s a primitive scam and a decent hacker doesn’t need all the exact letters and names. Just watching what you type can give them something to work with. 

Stay Safe!

The main thing to keep in mind about using public Wi-Fi is that other parties can (and often very likely do) monitor any traffic you send or receive. This includes every personal email, login and password, or funds transferred from your bank account. 

So, what are you supposed to do? Look a gift horse in the mouth? Well, if that horse is actually a donkey then yes! But we hear what you’re saying and have put together a number of tips to help you stay safe if you have to use public Wi-Fi.

These safety measures include:

• Use a VPN – This will encrypt your data and keep it private online, and fortunately VPNs are easy to find and use.
• Check the “s” – Look closely at the URL of the site you’re visiting and if there’s no little lock icon in the tab and no “s” in https (which stands for secure), then it’s not secure.
• Strong Passwords – Create long, unique passwords for each account and don’t recycle passwords, so that even if you’re using an unsecure network, hackers can’t access your accounts. 
• Enable 2FA – This extra security measure for access relies on two pieces of identification before granting access to sensitive accounts and data, like your Google Drive or banking app.
• Be Vigilant – Know who’s around you and if you feel like there might be eyes following your every tap on your screen, don’t go on anything private.

Stay Protected

Hopefully this information will give you a head’s up about the risk involved in using unprotected Wi-Fi, as well as a few tips on how to beware of any attacks. This way you can enjoy the opportunity to freely take your laptop or mobile device down to your local coffee shop and surf the web or get on with work.