Received a notification that indicates that there is a public Wi-Fi available for use? Read on to find out why you shouldn’t connect to it.
Hackers can steal your information
All hackers need to do to steal information is exist in the same network as that of the victim. Once you access a website and enter in your login credentials, the attacker receives it in plain-text by carrying out a MITM (Man in the Middle) attack using DNS (Domain Name System) snooping techniques.
Even in the case of SSL websites
SSL (Secure Sockets Layer) websites make sure that the communication between a web server and web browser is encrypted. When a website uses SSL technology to encrypt data packets, the URL’s scheme displays HTTPS instead of HTTP.
But, when you are connected to a public Wi-Fi network, remember to never open information-sensitive websites like bank account dashboards, even if the site uses SSL technology.
The hacker can easily make use of SSL stripping tools using which they can retrieve the encrypted data in plain text.
Not password protected
Most public WiFi hotspots are not password protected, and this opens a window for a countless number of people to join the network. There is a very good chance that a hacker also joins this network and tries to retrieve your information.
Many business Wi-Fi spots that may be password protected are also not very secure as they give out their passwords to countless employees that may pass it on to other people as well. They don’t change this password often or at all, making using it quite risky.
It can be a decoy network
Much like HoneyPots, hackers can set up a WiFi public hotspot that would seem genuine enough for use.
Imagine a scenario wherein you visit a supermall and under available WiFi hotspots, you find one available with the same name as that of the mall/franchise. This might make you think that the mall is offering free WiFi and you connect your device to it.
But, this WiFi hotspot could be very well set up by a hacker that lets you surf the internet for free, which would be a small price to pay in exchange for getting you into their network and stealing your information.
Can inject malicious software in your device
The hacker can not only retrieve data but can also inject malware into their victim’s devices that are in the same network as him. This malicious software can be anything ranging from viruses, Trojans, worms to ransomware, crypto mining scripts and what not!
One should be very careful of which network he considers to be a part of since the hazards are detrimental. Only connect to trusted WiFi hotspots or get an unlimited data plan.
Be careful of the public ones and keep your identity and data safe from hackers. Even if you need to connect to a public WiFi in times of emergency, avoid entering any login credentials, especially to any websites that remotely connect to your finances.
Also read: What is a DDoS attack? Types of DDoS attacks
Featured image by Bernard Hermant
Certified ethical hacker. Writer at Candid.Technology. Truly believe that to know everything is to know that you know nothing.