Today, there are hundreds of millions of Wi-Fi networks around the globe. Some are home networks, some are office networks, and many are public Wi-Fi networks you find at cafes or airports. Undeniably Wi-Fi hotspots are comfortable. But when it comes to cybersecurity, they’re not so good.
Smartphones significantly increased Wi-Fi demand. What’s more, many people connect to these networks without considering the dangers. In 2017, a huge security vulnerability compromised these networks. It exploited the WPA2 protocol that is used for wireless communication. Known as the KRACK attack, it allowed hackers to monitor wireless communication. To make things even worse, it completely bypassed encryption protection.
Cybercriminals are still targeting Wi-Fi hotspots, which often lack adequate cybersecurity protocols. And it’s an easy profit – people use these networks to perform daily internet operations, including money transfers.
But using public Wi-Fi for online banking is a horrible idea. Here are three reasons to avoid it:
Man In The Middle Attacks
MITM attacks are as efficient as they are sophisticated. When you join a public Wi-Fi network, you never know who else is connected to it. Cybercriminals use advanced software to intercept communication. Hence the attack name. Acting as an intermediary, they can monitor your information.
Moreover, they could redirect your traffic to an alternative address. For example, they might create an Amazon mirror site. Except when you’re there, all the details will end up in the wrong
hands. Their ultimate goal is to get your payment details. You are at severe risk if you perform a banking operation on a compromised network.
You can solve this issue with additional encryption software. Most people use Google Chrome to browse the internet. Install a VPN for Chrome before connecting to public Wi-Fi. Once you switch it on, it will obfuscate your original IP address and apply additional encryption. So even if you’re in the middle of a MITM attack, hackers won’t be able to decipher your traffic.
Evil Twin Attacks
Evil twin attacks are very popular because they’re easy to execute. Here’s how it works: a cybercriminal establishes an alternative Wi-Fi access point. For example, they duplicate Starbucks’ Wi-Fi. Instead of the official “Starbucks”, they call it “FreeStarbucksWi-Fi”. Many people can’t tell the difference and will connect to either one. Once connected to an “evil twin”, they will lose confidential data. Moreover, it can redirect your traffic or infect your device with malware.
It’s best to always carefully inspect public Wi-Fi names before connecting. If you’re unsure, go to the employees and verify which one is right. This attack is widely popular in bars, hotels, and airports.
Sidejacking
Sidejacking is another way to steal data. When you communicate with HTTPS websites, your traffic is encrypted. However, some packets coming back to your device might not be. You exchange cookies when you use Facebook, Amazon, or other login-required websites. If you receive an unencrypted cookie, the hacker can steal it and can take over an account.
As you can see, hackers don’t need to steal your credentials. Nor are they stopped by encryption. They can go straight to the source and steal the cookie that represents you online. Public hotspots frequently become targets because people use them openly.
Final Thoughts
These are just three of the most common types of Wi-Fi attacks. The worst thing is that they are relatively easy to carry out. For example, an evil twin attack requires no prior hacking knowledge. There are numerous guides for a MITM attack. And there’s free hacking software that hackers gladly share.
This makes public Wi-Fi hotspots preferable targets for young hackers. They test out their skills on these networks before performing more dangerous operations. One way or another, if you use these networks for sensitive activities like banking, you’re at risk.
Nowadays, mobile data plans are affordable. It’s a perfect way to avoid Wi-Fi dangers. But there are situations where Wi-Fi is the only connection option. Use a VPN every time you connect to such a network. Without additional encryption, your information is as public as the Wi-Fi.