Free WiFi sounds great, but unsecured WiFi is truly a great threat.
Three weeks ago (July 30, 2018) we told you about an interesting app called Avira Home Guard that scans your home wireless network and detects and notifies you of vulnerabilities and possible fixes. It identifies devices that are vulnerable to attacks and makes you aware of threats you might not even know exist. But are you safe when you use public, wireless networks (WiFi) outside your home?
First, accept that public WiFi is inherently less secure. You don’t know if the operator is careless or bad or if hackers can access the network. Certainly, at home you are relatively safe from the last two. Some people think it’s good enough to rely on well-known public companies like Starbucks or McDonald’s rather than unfamiliar WiFi networks but have you seen the list of large data breaches lately? Even the largest companies get sloppy with computers. Still, it’s best to stay away completely from unknown networks, especially if you can’t determine what their motivation is for offering free WiFi in the first place. Maybe what they are selling isn’t coffee but your identity.
Google chrome browser now tells you a website is “not secure” if it is HTTP instead of HTTPS (S for secure). Even when using public WiFi, you are much safer on HTTPS websites. The problem is, you don’t get to choose if the website you want to visit is HTTPS. You can, of course, decide to heed the Google warning and leave immediately and return when you can do so safely.
Some WiFi networks ask you to provide some personal information to their “gateway” page before you can access the Internet. Fancy-pants, high-end sandwich shop that had a big data breach earlier this year, we are thinking about you. They may just want to get your email so they can send you their latest coupons, but beware of any such gateway that asks you for anything that could be used as credentials for one of your real accounts. Name and email are pretty safe, but don’t provide your address or telephone number. This information could be used by hackers to trick others into believing they are you.
Turn off or limit the use of file sharing services. You don’t want someone to be able to “Air Drop” a file onto your computer. On a PC, under Network and Sharing Center go to Change advanced sharing settings and disable file and printer sharing. On a Mac look for Sharing under System Preferences.
Perhaps you’ve read this far and say, “I know it’s not safe, so I don’t do anything that requires safety when I use unencrypted WiFi. I don’t do only banking. I just surf the Internet or play games.” Really? Do you access any sites that require a password? Do you share those login credentials with any sensitive sites? Does your email or file sharing service like Dropbox sync automatically? If so, then those credentials may be accessible to hackers. If I had access to your email, could I find out who you bank with, work for or have other accounts with and hijack your email account to reset your passwords? Give hackers the smallest point of entry and they might take over your entire computer. Maybe they’ll install a virus, key logger or other malware for good measure.
What are your options? First, where possible, use the cellular network on your phone and access the Internet through it. A second option is to connect to the Internet through your phone by turning your phone into a mobile hotspot. This is also sometimes known as “tethering”. Keep in mind that unless you have unlimited data, this can get expensive, and even if you do, the network may not be as fast. That said, we’ve personally seen cellular networks that far outperform over-burdened coffee shop WiFi with half a dozen patrons streaming music and video or using Skype and bogging the entire system down for everyone.
Finally, consider investing in a VPN or Virtual Private Network. This topic deserves its own posting and that will come soon, but briefly, a VPN encrypts all the traffic between two parties so that even if a hacker is “listening” it will be much more secure. The bad guys should not be able to see your activity or even know who you or the other party you are connecting with is. There are free and paid VPNs but as you might expect, you get what you pay for and you are usually the product being sold on free VPNs, even if it’s just to advertisers.
At MyProfyle, we believe this threat is further proof that everyone’s information is at risk from many different sources and that we are all exposed multiple times per year. The solution to identity fraud is not to try to lock your identity or seek unobtainable privacy but to control your identity – not just your credit – by putting yourself in the position know of, approve or decline activity conducted in your name. That’s MyProfyle Free For Life ™ Identity Protection.