Don’t sacrifice your security for free Wi-Fi

Woman using smartphone while having lunch
« Return to Learn

Who doesn’t love a little free Wi-Fi? You can surf to your heart’s content without draining your monthly data.

But public Wi-Fi comes with a hidden price tag. Although convenient, it can leave you vulnerable to hackers seeking to steal your info.

Just how risky is it? To put things in perspective, three in five consumers think it’s riskier than using a public restroom. Yet 87 percent admit to taking advantage of free internet access in cafes, airports and hotels.

“Think about the cost of being connected all the time. Nothing is free,” says Norton product manager David Lee. “The biggest threat is your data, traffic and identity could be completely exposed.”

Just like most of the things we do in public, however, using free Wi-Fi is fine as long as you protect yourself. If you don’t want to be one of the two in three of Americans who unknowingly surf at risk on public networks, there are a few things you should know.

Why public Wi-Fi isn’t safe

Free Wi-Fi is like an all-you-can eat buffet for hackers. Unlike a private home, where only a few people get online, free public networks might host hundreds of users a day—all with sensitive info to steal. Plus, the Wi-Fi in public places is often unprotected and easy to hack.

There are two types of public Wi-Fi: secured and unsecured. An unsecured network is open to anyone within range, no password required. A secured network requires you to type in a password, register an account or agree to legal terms before you can connect--better, but still risky since many places use shared passwords.

How does this benefit hackers? It leaves you vulnerable to tricks such as:

Man in the middle. When you connect to public Wi-Fi, your device exchanges data with websites you use. Hackers can intercept this data in transit. They can even make changes to it.

Evil twin. A devious hacker can set up a hotspot that looks legit, luring unsuspecting victims to their network instead of the real one. They can even broadcast fake credentials that trick your device into automatically connecting.

Packet sniffing. Data thieves often use software called packet sniffers to eavesdrop on network traffic. They can look at the web pages you visit, see any information you fill out, or even capture your login credentials and hijack your account.

Malware injection. Hackers aren’t just able to intercept your info; they can also exploit weaknesses in your software or operating system to send information back to you. This means they can slip malware onto your device without you even realizing it.

What you can do

Does all this mean you have to avoid public Wi-Fi like it’s the doctor’s office? Not at all! It just means you need to start paying better attention to your online exposure. For example:

  • Use only networks that require a password
  • Double-check that the network is legit before you connect
  • Disable file sharing
  • Turn off automatic connectivity
  • Turn off Bluetooth when you’re not using it
  • Visit only websites that use HTTPS
  • Use a VPN if possible
  • Switch to your cellular connection before doing anything sensitive

What’s off-limits

That said, there are a few things you never want do on a public Wi-Fi network, no matter how legit it seems. These include:

  • Logging into your bank account
  • Completing online purchases
  • Checking your email
  • Visiting websites that contain sensitive data
  • Entering or sending any private information
  • Logging into any website that requires your password

Now that you know the basics, you can go out in the world and stay connected—without giving up your sensitive data.