Surfers can lose sensitive information to hackers in a bewildering variety of ways - especially if they access the Wi-Fi networks available in public locations:
- Around you, others connect to the same network, and one of them might happen to have the proper tool to scan your laptop for vulnerable software and use it to plant backdoors or access login credentials if, for instance, they are sent unencrypted.
- A mid-level techie can set up a network, give it a generic name such as “free Wi-Fi” or “Secure public Wi-Fi,” and monitor the traffic of all users that connect to his network in sniffing or man-in-the-middle attacks. They can read all data sent in that network.
- Someone sniffing data packets can snatch session cookies to access your resources, including social networking, online banking and online shopping accounts during that open session. Imagine someone changing your status or uploading a photo on your behalf.
- Accessing online banking and online payment websites or making e-shopping transactions through public Wi-Fi hotspots might be convenient, but cyber-criminals can still use a fake SSL certificate to circumvent a secure connection, have the user approve it and use it to sniff login data and such.
1. Access only encrypted websites while on public hotspots. Make sure you type ‘https://’ before the URL of the website or look for the locked padlock that shows you are using a secure connection, meaning you are using encryption over a public Wi-Fi.
2. Ask an employee (bartender, hotel receptionist) for the exact name of the hotspot you intend to use so you don’t accidentally access a network set up by someone with a secret agenda. You can also ask the hotel receptionist if they use AES with their wireless network. But if you access over a wireless connection websites that are not using encryption, someone in the same network can still sniff data packets and see what you send in the network.
3. Make sure the Wi-Fi, or the automatic sharing options are switched off when you are not using them. With Wi-Fi automatically enabled, you risk having your laptop trying to connect to an unsecure network without you even realizing it.
4. Don’t check your account balance sheet or shop online on a public Wi-Fi. If you do, use a dedicated payment solution that helps you securely connect to your bank account or e-payment website from an unencrypted hotspot.
5. Password–protect and encrypt your device. In case someone steals or finds your device, make it harder to access information stored there. Also encrypt your data with dedicated software, or – if your device supports it – with the default encryption option. Use anti-theft programs to help track your device and lock or wipe your data from afar.
6. Install anti-virus software and keep it up-to-date. Installing an antivirus and a privacy security solution on your laptop is imperative. A good security solution with anti-malware, anti-spyware and anti-spam modules offers an effective shield against all kinds of threats. This will help you steer clear of fake security apps, worms, Trojans and viruses.
By keeping your OS and apps up-to-date, you give your system the most recent patches for all known vulnerabilities to protect you against the latest threats. Many pieces of malware target unpatched vulnerabilities. Once patched, they cannot harm your device or your data.
7. Turn off the laptop when you are not using it. You want to keep your laptop always on so you can access it the instant you need or want to, but this can be a bad practice. In case your system is infected with a botnet, the malware may continue to use your resources even when you are not using it.
8. Your firewall must be on at all times. The firewall is crucial for joining this kind of network. When surfing without a firewall, your PC is visible to others, along with your network shares you might have left open for friends at the office or for your family at home.
Author: Loredana Botezatu, Bitdefender