Wireless Tips & Tricks: Protecting Yourself at Hotspots

Wireless Tips & Tricks: Protecting Yourself at Hotspots


I keep reading stories about Wi-Fi "phishing" attacks, such as at recent conventions in Las Vegas and London. What are these attacks and how can I protect myself?

Top 10 Security Tips for Public Hotspots

  1. Make sure you're connected to a legitimate access point.

  2. Encrypt files before transferring or emailing them.

  3. Use a virtual private network (VPN).

  4. Use a personal firewall.

  5. Use anti-virus software.

  6. Update your operating system regularly.

  7. Be aware of people around you.

  8. Use Web-based email that employs secure http (https).

  9. Turn off file sharing.

  10. Password-protect your computer and important files.


So-called "Evil Twin" networks have been around for a while, where hackers place access points in hotspot areas to hijack traffic. But a new, more dangerous, twist has cropped up recently and is what you are seeing reported widely in the news.

The new twist adds a fake login page that looks just like the real thing -- like a lure that attracts fish, hence the name -- enabling phishers to capture your passwords and credit card information, load viruses and spyware onto your machine, or simply capture everything you type or transmit over the Internet.

How can you protect yourself? Take simple precautions like checking the SSID of the network you are connecting to, making sure that you are in a legitimate hotspot area.

Most importantly, when signing in at pay hotspots, only type your username, password, or credit card information into a secure Web page. You'll know the page is secure if you see "https" in front of the sign-in page's Web address and you also see the lock icon on your browser window. However, if your browser presents an alert that the page's security certificate is expired or invalid, you're better off moving to another hotspot down the street.

Remember that at most hotspots, even if you sign in securely, your data is transmitted in the clear, easily intercepted by anyone close by unless you use a Virtual Private Network (VPN) service.