We have all done it: connected to a free public WiFi network we did not know to check emails, read the news, or scroll Instagram. What we often do not think about is that the same convenience that makes public WiFi so easy to use is also what makes it so attractive to hackers. Since most public WiFi services lack a strong password, they are vulnerable to a number of techniques that hackers can use to observe your online activity, collect your personal and financial data, or even break into your device.

Risks of using Public WiFi

Here are some fairly simple exploits that a hacker could use to access your device while you are connected to public WiFi:

1. Man-in-the-middle

In a MITM attack, the hacker intercepts the network traffic being transmitted between your device and the WiFi router, allowing them to monitor your online activity and even alter your interaction with websites. One method is called “ARP spoofing” in which the hacker associates their media access control address with the IP address of your device causing any traffic meant for your IP address(new window) to be shared with the hacker. This can all be done without the end user – you – realizing anything is amiss. Meanwhile, the hacker behind the MITM attack could potentially read every email you open and watch every password you enter. They can even redirect you to spoof websites, which look like the legitimate website you wanted but are actually under the control of the hacker, allowing them to steal any information you enter

2. Malicious hotspots

Often when you are in an airport or in a mall looking for free WiFi you will see several WiFi networks with very similar names, like “Airport_WiFi,” “Airport_Public_WiFI,” and “Airport_WiFi_Free.” In these cases, it is very likely that a hacker has created their own hotspot and is trying to pass it off as the legitimate public WiFi. If you connect to a hotspot controlled by a hacker, all your network traffic is visible to them unless you are using a VPN.

3. Malware

If you have enabled file-sharing or Bluetooth or if you are connected to an unsecured WiFi network, hackers can connect to your device and send it malware. This is what the hacking group known as “Darkhotel(new window)” did, targeting business travelers that stayed at luxury hotels. Malware encompasses a lot of nasty software and programs that are designed to steal your bandwidth, shut down your device, or even give complete control of it to a hacker. What’s worse, most malware works in the background of your device’s operating system, making it hard to detect and eliminate without the proper software.

4. WiFi sniffing

There are numerous programs available that allow you to monitor a hotspot’s network traffic. If the WiFi network is not secured, either due to a reliance on insecure protocols or because there is no password or both, these types of programs allow hackers to capture data packets and analyze them. With this information, they can easily monitor your online activity, steal your passwords, and see any personal or financial information you access while you are online.

5 ways to stay safe on public WiFi

While public WiFi will never be 100 percent secure, there are some simple steps that you can take to reduce your vulnerability.

1. Use a trustworthy VPN

A VPN(new window) is the best protection you can have when connecting to a public WiFi network. A VPN will encrypt your network traffic, meaning that even if someone is intercepting your data, they still cannot see it without decrypting it. This makes it impossible for them to monitor your online activity in real time. A VPN combined with HTTPS(new window) makes it very difficult for a hacker to perform a MITM attack.

2. Use HTTPS to ensure you are visiting the right site

If you visit sites using HTTPS (or if you use the EFF browser extension HTTPS Everywhere(new window)) you are encrypting part of your network traffic and making it more difficult for someone running a MITM attack to send you to a spoofed website they control.

3. Disable automatic connections, Bluetooth, and file sharing

You should always be aware of what network your device is connected to. The easiest way to do this is to disable automatic connections. That way you will need to select what WiFi network you connect to. It may add an extra step, but it prevents your device from being connected to a WiFi network and exposed to risks without you knowing. The same logic applies to Bluetooth and AirDrop and other file sharing services. Only activate Bluetooth(new window), AirDrop(new window) or other file sharing services for a specific function and then turn it off once you are finished.

4. Know who runs your hotspot – and ask for the password

Before logging on, you should always find an employee of the hotel/café/airport you are in and ask them if they have free WiFi and what the name of their network is. This will help you avoid connecting to malicious and fake hotspots. Even if you verify the WiFi network is genuine and it is password-protected, we still advise you to avoid using it without first protecting your connection with a VPN.

5. Avoid sensitive accounts

If you use public WiFi without a VPN, the best way to ensure your personal data is not compromised is to not check accounts that could expose that information. Even if someone has successfully begun monitoring your online activity, if you do not check your bank accounts, open your emails, or read private messages while you are on public WiFi, then then they cannot access them either. If you are going to check any type of sensitive account on an unsecured network, always use a VPN.

Proton VPN is brought to you by Proton Mail, the world’s largest encrypted email provider(new window). It is a free VPN service that provides IP addresses in 43 countries and counting.

There will always be a security risk if you use public WiFi, but that does not mean you should never use it. The basic precautions listed above will help you keep your personal data safe from the majority of attacks against public WiFi hotspots.

Best Regards,
The Proton VPN Team

You can follow us on social media to stay up to date on the latest Proton VPN releases:

Twitter (new window)Facebook(new window) | Reddit(new window)

To get a free Proton Mail encrypted email account, visit: protonmail.com (new window)

Protect your privacy and security online
Get Proton VPN free

Related articles

Why a VPN is important when working remotely
In 2023, roughly 40% of workers in the US worked remotely or on hybrid schedules (some days in the office, some days at home). This arrangement offers benefits to employees and employers, but it also introduces new cybersecurity vulnerabilities, like
Proton VPN now operates one of the largest VPN server networks in the world.
At Proton VPN, we’ve reached a new milestone in our mission to make online privacy the default for everyone. Now offering over 5500 servers on six continents, Proton VPN is one of the largest and most popular VPN services in the world. And we’re grow
What is DNS security?
In this article, we’ll look at DNS security, what it means for your businesses, and how using Proton VPN provides your business with the DNS security it needs.  The Domain Name System (DNS) translates human-friendly domain names to numeric IP addres
Paris Olympics
The 2024 Summer Olympics in Paris begins this July. While you’ve likely already missed your chance to get a ticket and witness the best athletes from around the world in person, there are plenty of ways to enjoy the games from the comfort of your hom
Where to watch euros
Every four years, the entire continent of Europe turns its eyes to see who will be crowned as the continent’s champion of football (or soccer for the Americans).  This is the 17th edition of the UEFA European Football Championship, in which 24 natio
How to enable location services
Location services refer to a combination of technologies used in devices like smartphones and computers that use data from your device’s GPS, WiFi, mobile (cellular networks), and sometimes even Bluetooth connections to determine and track your geogr