The number of coffee shops, restaurants, and other stores that are offering free wireless internet access to their customers through 802.11B/G/N technologies (more commonly known as WiFi) has seen a dramatic increase in the last few years. In just about every major metropolitan “down town” area, you’ll be hard-pressed to find a location where there isn’t a WiFi signal available. These publically available are very convenient, but if you’re not careful using them, they can leave you open to become a victim of identity theft.
If you only use your laptop to browse your favorite news sites and check your personal email, you probably don’t have a ton to worry about. However, if you use your bank’s online banking service, login to your PayPal account, login to your eBay account, or login anywhere that money could potentially be transacted then you need to take certain precautions to make sure that you are on a secure connection.
So how do you protect yourself? First, remember that you are on the exact same network as everyone else in the room without a firewall in-between you. If you have any shared folders on your computer, they can probably access them. You’ll want to turn on the Windows Firewall or use your own firewall solution and turn off any shared folders that you might have open. You’ll also want to make sure that your copy of Windows (or whatever operating system that you’re using) is up to date and has the latest security patches.
Second, if you’re going to logon to your bank’s website, your eBay account, your PayPal account or your investment account, make sure that their website is using SSL. This stands for “secure socket layer” and essentially encrypts the communication between you and the bank. That way, if you were to type in your password and send it off to eBay for validation, nobody except eBay would be able to see the network traffic that you are generating which will validate your password. You can make sure that you are on a secure connection if the URL you are on starts with “https” rather than HTTP. You need to be especially careful as some are prone to banking scams especially seniors.
If you have access to a business or corporate VPN, you should make use of it. A Virtual Private Network (VPN) offers you a secure way to communicate with your home or work’s network. This will add another layer of encryption your network traffic and make it, in all practicality, impossible for anyone to see the network traffic that you are sending over the air. You can also use services such as OpenVPN and HotSpot VPN if you don’t have a VPN available at work. These will safely encrypt your wireless network traffic.
Some hackers have been known to create their own “access points” and attempt to get unsuspecting victims to connect to them. In doing this, they are acting as a pass-through and collecting all of the information that you are sending through the connection, including any passwords that you send to insecure websites. You need to make sure that the network you are connected to is legitimate. You can do this by making sure that the SSID (the name of the wireless network) matches up with the name of the store that you are at.
If you are not using the internet, shut off your wireless network card. This will prevent it from automatically connecting to a network that you didn’t intend to. It’s also a good idea to run a security suite such as AVG (it’s free), that will let you know if you’ve been infected with any sort of Trojan or other virus.