Sometimes you need to get online and you have to use the public WiFi that’s available to you. When this happens, take the following precautions to use the network more safely.
Use only known, official access points
Hackers can trick people by setting up malicious WiFi access points in public places. They can set up a network that looks like a business’s official guest network, even if the business doesn't have one at all. Or, they can set up a second network with a name that is similar to the official one. For example, if JetBlue offers WiFi to its patrons, they might name their network “JetBlue,” but a hacker could set up a second one, named “JetBlue-guest” or something similar, hoping that you choose theirs.
When you must connect to a public wifi network, only connect to known or official networks. If you’re patronizing a restaurant or another business, and unsure which WiFI network is the one that they’re hosting, try asking an employee. If you’re in a larger venue, like an airport or a conference center, you may be able to find the name of their network on their website, either before your trip or by visiting the site using your phone’s data plan.
Avoid unsecured WiFi networks
Secure networks should have a lock icon next to the network names when you look at the list of available connections. Don’t connect if you don’t see that lock! Even if this network is known to you, you should not connect to it.
Only visit secure websites
If you’re on a network you aren’t certain you can trust, make sure all the websites you visit are using encryption. If a website has encryption enabled, you will see a lock icon in your browser, and the URL will start with “https,” instead of just “http.” Website encryption ensures the contents of the website are kept secret, and prevents the WiFi owner or anyone else using the WiFi from altering its contents. But they can still see which websites you are visiting! If the website is not encrypted, it’s less safe to visit it on WiFi you don’t trust.
The browser extension HTTPS Everywhere will ensure that you’re always using website encryption if it’s available on the sites you’re visiting. HTTPS Everywhere can only add security when you visit websites that support HTTPS. So, it’s important to remember that you should never enter any kind of sensitive information into websites that are not encrypted, no matter what network you are using.
Turn on your firewall
Enabling your firewall will reduce the chance that an attacker can successfully target and exploit your device while you are using WiFi. If you do not know how to enable your firewall, you can download Stethoscope. Stethoscope is a free app that will check to make sure your firewall is on, and if it’s not, walk you through how to turn it on. It also checks for other basic device security settings.