We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Why You REALLY Need to Stop Using Public WiFi

Hilah Mazyar Content Writer & Technical Writer

Public Wifi. Such a convenient and effortless way to surf anywhere on someone else’s dime. While once a rarity, public WiFi is available nearly everywhere you go: coffee shops, airports, hotels, schools and even out on the streets. No one can deny how convenient it is, but should you really be using it?

Public WiFi, also known as a public “hotspot”, is a physical location where you can obtain internet access using WiFi technology via a wireless local area network (WLAN) using a router connected to an internet service provider. While this seems great to everyone who does not want to waste their mobile data, public WiFi is actually the easiest spot for others to see your information. When you connect to a WiFi network, you are sending your own personal information through websites or mobile apps, and it’s really simple for hackers to intercept and damage your information. (It’s so simple, even a seven-year-old can do it).

To show you why you need to STOP USING public WiFi, we list 10 ways you can easily be hacked while using public WiFi.

  1. Unencrypted networks/websites

Encryption is the key to keeping your personal information secure online. It essentially scrambles the information you send over the internet, turning it into a code in order to avoid it being accessed by unwanted third parties. An encrypted website protects the information you send to and from that site only. A secure wireless network encrypts all the information you send, using that same network. Sending your information to sites that are not fully encrypted, and using mobile apps that require personal or financial information, is a very risky game that you do not want to play. If you use an unsecured network to log in to an unencrypted site – other users using that network can see what you see.

Most WiFi hotspots do not encrypt the information you send over the internet and, therefore, are not safe. In fact, if a network doesn’t require a WPA or WPA2 password, it’s probably not secure. This will be the case for most public hotspots.

  1. Bad WiFi setup

Given all of the advancements in information technology and increasingly efficient methods of hacking, simple user errors are one of the most common threats on public WiFi networks. There is no way to guarantee that the business owners or employees who set up the network have taken every measure to ensure data protection. It’s not uncommon for employees to simply leave the default user and password on a WiFi router, making the network ridiculously easy to access.

  1. MitM attacks

One of the most common threats on public networks is called a Man in the Middle (MitM) attack. Essentially, a MitM attack is kind of like eavesdropping. When a computer or phone connects to the internet, data is sent from that device to a service or website. That’s when various vulnerabilities can allow a third party to get in the middle of these transmissions and see them all. Nowadays, with new hacking tools available online for free, hacking public networks is simple, even for users with limited technical know-how. In fact, creating a MitM attack on a public WiFi is so easy, that just to stress that point - HMA ran an experiment during which a 7-year-old girl was able to successfully hack a public network, using only her laptop and some google tutorials. The entire process took the young child less than 11 minutes, at the end of which she was able to steal information right out of other computers connected to the same WiFi network.

  1. Malware

Thanks to security holes and weakness found in operating systems and software programs, attackers can slip malware into your computer without you even knowing about it. Exploit these vulnerabilities is quite easy, by writing code to target a specific vulnerability, then injecting the malware onto your device. If you’ve never had a malware attack, let’s just say you don’t want to put yourself at risk for one.

Person in a coffee shop

  1. Snooping & sniffing

WiFi snooping and sniffing is exactly what it sounds like. Using special software kits and devices that can be purchased online, cyber criminals can easily eavesdrop on WiFi signals. This technique allows the attackers to access everything you do online — entire webpages you’ve visited and any information typed into them, your login credentials for any online account etc, enabling them to use your virtual identity as they please. Think of when you log into your bank account. The hacker can see your username, password, and all of your bank account information, which he can use later on to log in himself and steal your money.

  1. Rogue access points

Rogue access points trick victims into connecting to what appears to be a legitimate network, using a benign-sounding name, such as a name of a business or a hotel you are staying it. As anyone setting up a network can name it whatever they want, you may search and connect to a WiFi network called “Joe’s Cafe”, when the official, legitimate network is actually “Joe’s Coffee”. You will never know the difference and may fall head first into a hacker’s trap. And voila! You’ve just connected to a rogue hotspot set up by cyber criminals who can now see everything you do.

  1. Packet analyzers

Packet analyzers, also known as packet sniffers, are relatively small computer programs that can monitor the traffic on a network. They can even intercept some data packages, and provide info about the contents found within them. At best, these programs can be used in a harmless way, merely for collecting data about traffic. At worst, however, they can also be yet another loophole through which hackers can slither in to see your info.

  1. Evil twins

An evil twin bears striking resemblance to a rogue or malicious access point but excels in its ability to conceal its true intentions. These deceptive counterparts are meticulously crafted to mimic legitimate access points, tricking unsuspecting users. Hackers possess the capability to clone a familiar and trusted access point, generating an indistinguishable replica. Once you unwittingly connect to the twin, it stealthily transmits your information to the hacker. Public WiFi networks, in particular, remain highly susceptible to such insidious attacks.

  1. Ad hocs

Ad hocs are P2P networks, connecting two computers directly. They normally use the same channels as wireless connections. When using a public WiFi network, your computer will most likely be set to discover new networks. This way, hackers can connect directly to your phone or computer if they are within range, as the channels are open to new connections. It’s enough for one end of the WiFi network to allow ad hoc connections to give hackers access to the entire network.

  1. Worms

Worms are very much like traditional computer viruses, but they differ in one key aspect: computer viruses require a program to attach to, in order to work. Worms can actually propagate on their own. When connected to a public WiFi network, without the proper security in place, a worm can squirm into your computer from another device that’s connected to the same network you are using, causing a big ol’ mess on your device.

Without a good VPN to protect our information when going online, we are all just sitting ducks, waiting to be taken advantage of.

Editor's Note: We value our relationship with our readers, and we strive to earn your trust through transparency and integrity. We are in the same ownership group as some of the industry-leading products reviewed on this site: Intego, Cyberghost, ExpressVPN, and Private Internet Access. However, this does not affect our review process, as we adhere to a strict testing methodology.

Rank
Provider
Our Score
Discount
Visit Website
1
medal
9.9 /10
9.9 Our Score
Save 61%!
2
9.2 /10
9.2 Our Score
Save 83%!
3
9.7 /10
9.7 Our Score
Save 83%!

So, next time you’re sitting in your hotel lobby and feel like playing a spritely online game with your buddies back home - don’t. Or, if you must, do yourself a favor and install a proper VPN before you do.

Privacy Alert!

Your data is exposed to the websites you visit!

Your IP Address:

Your Location:

Your Internet Provider:

The information above can be used to track you, target you for ads, and monitor what you do online.

VPNs can help you hide this information from websites so that you are protected at all times. We recommend ExpressVPN — the #1 VPN out of over 350 providers we've tested. It has military-grade encryption and privacy features that will ensure your digital security, plus — it's currently offering 61% off.

Visit ExpressVPN

We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

About the Author

Hilah Mazyar has been writing for as long as she can remember. She has been a content writer for years, for start-up companies, financial institutions, entrepreneurial corporations and technical projects. Hilah joined vpnMentor's staff as a content writer in 2017 with the goal of helping you stay safe and protect your online privacy.

Did you like this article? Rate it!
I hated it! I don't really like it It was ok Pretty good! Loved it!
out of 10 - Voted by users
Thank you for your feedback

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address