Information ServicesPublic Wi-Fi hotspots

Free Wi-Fi in hotels, restaurants, and coffee shops may seem convenient. But using public hotspots can make you an easy target for hackers. Cybercriminals often target public Wi-Fi to steal confidential information from unsuspecting users.

What are the risks of using public Wi-Fi hotspots?

Man-in-the-middle attacks

Data passing over a public Wi-Fi network is often unencrypted. A man-in-the-middle attack is when a hacker intercepts the data travelling between your device and the Wi-Fi router.

This makes it possible to steal confidential information, such as passwords or credit card details. It leaves you vulnerable to identity theft and fraud. The software used to snoop on unencrypted network traffic is readily available on the internet.

Rogue hotspots

Cybercriminals set up a Wi-Fi point, usually with a name very similar to the legitimate hotspot. This tricks people into connecting to their network. If you connect to the rogue hotspot, the hacker can intercept your data or inject malware into your device.

Top tips for public Wi-Fi hotspots

Make sure any website you are using has a secure HTTPS connection. The full web address (URL) should begin with HTTPS rather than HTTP, which is not encrypted. You can tell if a website uses HTTPS if the browser displays a padlock next to the URL.

Avoid using password-protected websites that contain sensitive information, like online banking, email and social media. If you do want to access these services, it's better to use your mobile phone network instead of public Wi-Fi.

Be aware of rogue hotspots, often with names very similar to authentic public Wi-Fi networks. Take the time to check that you are connecting to a legitimate network. If in doubt, ask an employee at the location to verify the correct name of the Wi-Fi point.

Set your mobile device to 'ask' before it connects to a Wi-Fi network, rather than automatically connecting to an available network. Hackers can easily spoof a Wi-Fi network's broadcast name. Check your settings to make sure the device asks first. This will allow you to make a decision about whether it's safe to connect or not.

Apply software updates and use anti-virus to reduce the risk of being infected by viruses or malware when using unsecured public Wi-Fi.

Consider using a virtual private network (VPN) if you regularly work with confidential information whilst on the move. VPN software protects you by encrypting all your network traffic.

How can I make sure my home Wi-Fi is secure?

Make sure your wireless router is secure:

  • make sure it's password-protected with a strong password
  • of the three main encryption levels available (WEP, WPA and WPA2), choose WPA2 because it's the most secure

Other people may gain access to your home network if it is not secure. Unauthorised users may:

  • access sensitive information
  • affect the online speed of your devices 
  • use your download allowance
  • download inappropriate material, which would be traced to your address