How WiFi hotspots can cost you your identity

WiFi hotspots connectivity

Using free or paid-for WiFi hotspots poses a slew of security issues that you normally would not give much thought about. Source: Shutterstock.

WHEN TRAVELING, especially for business, it is always a nice surprise to find free or paid-for WiFi hotspots at places like cafes and restaurants.

This allows you to just set up shop to work remotely while treating yourself to a nice lunch or a hot mug of flat white. Or, you know, mindlessly browse YouTube to kill time while you dine alone so you can avoid the awkwardness and weird stares from other patrons.

But every minute you spend on a WiFi hotspot is a minute closer to having your identity stolen.

Using free or paid-for WiFi hotspots poses a slew of security issues that you normally would not give much thought about.

Many public WiFi networks are at risk from at least one cybercriminal snooping around per network hoping to steal passwords, credit card or bank details, personal contacts, and other information.

How does this happen?

Ordinarily, WiFi hotspots, like those in hotels, bars, restaurants, and airports issue passcodes to users. When these outlets do that, criminals who act as customers also gain the passcode.

After which, they will attempt to look for users on the network and attempt to hack into any unsecured tablets, phones, or laptops.

Having infiltrated these gadgets, they will then spy on what these users are doing online and gather any information that could be useful in hijacking their ID or committing another fraudulent act.

It is even worse when it is an insecure but free WiFi hotspot where a passcode is not required. In those situations, it is really quite “free for all”.

WiFi hotspots connectivity

Source: Shutterstock.

And really, no one is really safe from these criminals – especially if you are not particularly tech-savvy.

Cybercriminals are able to go to the extent of creating an “evil twin” network, a spoof network that uses the same name of an establishment, in a bid to fool users into thinking they have a connection to a genuine WiFi they are at.

It allows said criminals to gain access to devices when their owners click the network name and try to log on.

Unknowingly, this method tricks users into sending personal information such as credit card details and e-mails, with their email address, to the criminal’s device and allow them to basically steal your identity.

Cybercriminals can even fake malware alert pop-ups advising users to upgrade their software.

One click of the message and your gadget will immediately get infected with a software intentionally designed to cause damage to your device, giving said criminal complete control to making mayhem.

How can you stay safe?

First of all, never ever put yourself in that position where you are right smack in the crosshair of cybercriminals.

The easiest way to get around this is to create your own private hotspot. This can be done either via your smartphone (which should have the portable hotspot function) or on a MiFi.

A MiFi is a portable broadband device that allows multiple end users and mobile devices to share a 3G or 4G mobile broadband internet connection.

However, both options will require you to have data or data roaming on either your smartphone or your MiFi.

WiFi hotspots connectivity

Source: Shutterstock.

Another simple but smart step in the right direction is turning off the “sharing” option on your device to secure your gadget and stop it from sharing data with anyone on the network.

In lieu of those, if you have to connect to a public-ish WiFi hotspot, ensure you are not connecting to an “evil twin” networks by double (and triple, if you must) checking the name of the connection with the hotspot owner, especially if you are seeing repeats in the list of available WiFi hotspots.

Also, install a virtual private network (VPN) to secure your data. For the uninitiated, VPN is a technology that creates a safe and encrypted connection over a less secure network.

With VPN, even if a criminal has broken into your connection, they will likely just dump the data than spending time and effort on decrypting it.

Guess they probably would not want to work that hard to steal your identity.