Carrie Kerskie

by Carrie Kerskie

Using public Wi-Fi is convenient and free. Soundsgreat, right? Think again. You might be saving moneyon your mobile data plan, but it could end up costing you your privacy.


Public Wi-Fi is offered at most airports, hotels, libraries or local coffee shops. Establishments that offer public Wi-Fi permit you to use their internet connection to access the internet. Many of these establishments require you to enter a security code before accessing the public Wi-Fi network.

The security code is often provided by asking an employee of the establishment, or it posted near the front desk or checkout counter. Public Wi-Fi is similar to the Wi-Fi network you use at your home except that you do not control who gains access to the network.

You and anyone else in the vicinity can join and use the network. Including hackers!


The greatest risk of using public Wi-Fi is a man-in-the-middle, MITM attack. A MITM attack is exactly as it sounds. Someone inserts himself into the middle of your connection with the network, your email communications, your web browsing or more.


One type of MITM attack is Wi-Fi eavesdropping, accomplished by the hacker cloning a public Wi-Fi network. It looks just like the legitimate one and may even have the same network ID, or name. He may even boost the strength of the network so that it becomes the strongest one in the area.

The goal is to confuse you into joining his malicious network as opposed to the legitimate one. Once connected, he could install malware, software with malicious intent, on to your device. He could monitor or store your traffic including your login credentials.

Wi-Fi eavesdropping is difficult to detect. It is very difficult to determine which available Wi-Fi network is malicious and which is legitimate by picking from a list of available Wi-Fi networks.

One potential warning sign of Wi-Fi eavesdropping is viewing two available Wi-Fi networks with the same name or similar names.


Anyone in the vicinity of the public Wi-Fi network can join the network, including hackers. A hacker may join the public network and launch an email hijacking MITM attack against you. Once launched, the hacker can secretly relay or alter communications between two parties. Perhaps you are waiting for wire transfer instructions from your title company. The hacker can intercept the email and send you a different wire transfer instructions. Except these instructions send your money to his bank account as opposed to the title company.


Another type of MITM attack is session hijacking. You are using public Wi-Fi and have logged in to your bank account. You think everything is fine. What you don’t know is that a hacker has your login credentials obtained by stealing your browser cookies. Now the hacker can steal your identity and login to your account.


Shoulder surfing is not a MITM attack, but it is still a ccredible risk when using public Wi-Fi. There is no fancy technology involved in shoulder surfing. It is exactly as it sounds. While you are working away on your laptop, someone has strategically placed himself to view your monitor. Now he can observe or record, on his smartphone, everything you are doing on your laptop.


Your best defense is to avoid using public Wi-Fi. If that is not an option, here are a few things you can do to reduce your risk.

  • Disable the auto-connect to available Wi-Fi networks on your device. You should have to choose the Wi-Fi network that you want to use.
  • Instead of public Wi-Fi, use your mobile phone as a personal hotspot, if available. Contact your mobile phone carrier for additional information.
  • Instead of using public Wi-Fi, purchase a mobile hotspot, your portable Wi-Fi network. Available from mobile phone carriers.
  • If there are two available Wi-Fi networks with the same name, avoid both of them. You don’t know which one is legitimate and which one is
  • Use a VPN (Virtual Private Network) when using public Wi-Fi. Choose well-known brands and pay for the service. Free VPN apps often have
    malicious intent.
  • Use a privacy screen on your laptop or tablet.