We’ve all been there before–killing time at the airport, meeting up with a colleague at a local coffee shop, staying at a hotel…–and we want to connect to the Internet. Nearly everyone offers free Wi-Fi these days, including lots of cyber criminals. They’ve become so good at mimicking legitimate hotspots that you’d better know what you’re looking for before you connect! Here are our top six tips to stop those Wi-Fi Hotspot Hackers.
Don’t connect to an Evil Twin.
An Evil Twin is a rogue wireless access point that masquerades as a legitimate Wi-Fi access point. It’s relatively easy for hackers to set these up and gather personal or corporate information without the end-user’s knowledge. It will most likely have a name similar to the real hotspot. To prevent this from happening:
- Make sure you’re connecting to a legitimate public Wi-Fi network by asking the café, airport, hotel, library, etc. for the correct hotspot name.
- If the Wi-Fi hotspot forces you to enter a user name and password, it is considerably safer than those that require no password.
- When you are finished using a hotspot, log off the Wi-Fi connection and forget the network. Failing to do so allows mobile devices to re-connect to that network when you simply walk by that location.
Tether your laptop or tablet to your phone.
Also known as a personal Wi-Fi hotspot, tethering is the act of using your smartphone’s encrypted cellular connection to the Internet to surf securely from your laptop or tablet.
- To tether your computing device to your smartphone, simply contact your mobile provider (Verizon, AT&T, Sprint, T-Mobile, etc.) and let them know that you want to be able to connect your computing device to your smartphone.
- It costs about $15 per month– well worth the protection. Your provider will turn it on and will walk you through setting up both your smartphone and device so that they communicate with the Internet in a well-protected manner.
- Many tablets, like the iPad, now come with cellular data access built into the device so you never even have to utilize free Wi-Fi (though it’s still safe to use the secure Wi-Fi in your home and office).
- Or, just use your smartphone!
Make sure you’re surfing with HTTPS.
In your browser’s URL bar, make sure that the address starts with https://. The “S” stands for secure, and encrypts your communication between the computer and the Internet, so that it can’t be easily “sniffed” by hackers.
- HTTPS connections should show a lock symbol in the URL bar (and sometimes the bar itself turns green when you are on a secure connection).
- If you don’t have HTTPS access, use your cellular connection to surf.
- At a minimum, avoid all banking, credit card, email and financial transactions or anything that requires you to give out your personal information.
Patch your software.
- Keep your browser and operating system up-to-date with security patches, but don’t do it on Wi-Fi; update when you have a secure connection at home or at work.
- Having the latest software limits the “hacker back doors” that allow criminals into your system.
Turn off file sharing.
- Both Macs and PCs have file sharing capabilities that when turned on, expose your files to others on your network (including strangers on a free Wi-Fi hotspot).
- In your system settings, uncheck the box that allows file and printer sharing through your computer.
Turn on your VPN.
- A Virtual Private Network encrypts (protects with a passcode) the traffic between your device and the VPN server. This effectively takes the man-in-the-middle (a Wi-Fi sniffer) out of your communication to the Internet.
- VPNs can either be personal (e.g., SecurityKISS) or set up by your company’s IT department.
While all of these tips are valuable tools to keep your data secure, if you are the type of person who rarely even utilizes the Internet away from home, you may not want to take the time to do all of them. At the very minimum, before you ever enter any information online (financial, passwords, personal information), INVESTIGATE how you’re connected, THINK about who has access to your data and consider whether it can wait until you KNOW you’re on a secure connection.
John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.