by Carrie Kerskie

Using public Wi-Fi is convenient and free. Soundsgreat, right? Think again. You might be saving moneyon your mobile data plan, but it could end up costing you your privacy.

WHAT IS PUBLIC WI-FI?

Public Wi-Fi is offered at most airports, hotels, libraries or local coffee shops. Establishments that offer public Wi-Fi permit you to use their internet connection to access the internet. Many of these establishments require you to enter a security code before accessing the public Wi-Fi network.

The security code is often provided by asking an employee of the establishment, or it posted near the front desk or checkout counter. Public Wi-Fi is similar to the Wi-Fi network you use at your home except that you do not control who gains access to the network.

You and anyone else in the vicinity can join and use the network. Including hackers!

MAN-IN-THE-MIDDLE ATTACKS

The greatest risk of using public Wi-Fi is a man-in-the-middle, MITM attack. A MITM attack is exactly as it sounds. Someone inserts himself into the middle of your connection with the network, your email communications, your web browsing or more.

WI-FI EAVES DROPPING

One type of MITM attack is Wi-Fi eavesdropping, accomplished by the hacker cloning a public Wi-Fi network. It looks just like the legitimate one and may even have the same network ID, or name. He may even boost the strength of the network so that it becomes the strongest one in the area.

The goal is to confuse you into joining his malicious network as opposed to the legitimate one. Once connected, he could install malware, software with malicious intent, on to your device. He could monitor or store your traffic including your login credentials.

Wi-Fi eavesdropping is difficult to detect. It is very difficult to determine which available Wi-Fi network is malicious and which is legitimate by picking from a list of available Wi-Fi networks.

One potential warning sign of Wi-Fi eavesdropping is viewing two available Wi-Fi networks with the same name or similar names.

EMAIL HIJACKING

Anyone in the vicinity of the public Wi-Fi network can join the network, including hackers. A hacker may join the public network and launch an email hijacking MITM attack against you. Once launched, the hacker can secretly relay or alter communications between two parties. Perhaps you are waiting for wire transfer instructions from your title company. The hacker can intercept the email and send you a different wire transfer instructions. Except these instructions send your money to his bank account as opposed to the title company.

SESSION HIJACKING

Another type of MITM attack is session hijacking. You are using public Wi-Fi and have logged in to your bank account. You think everything is fine. What you don’t know is that a hacker has your login credentials obtained by stealing your browser cookies. Now the hacker can steal your identity and login to your account.

SHOULDER SURFING

Shoulder surfing is not a MITM attack, but it is still a ccredible risk when using public Wi-Fi. There is no fancy technology involved in shoulder surfing. It is exactly as it sounds. While you are working away on your laptop, someone has strategically placed himself to view your monitor. Now he can observe or record, on his smartphone, everything you are doing on your laptop.