Millions of Brits have gambled with their personal data by ‘blindly’ accessing Wi-Fi hotspots, according to a study.
One in five have taken ‘significant risks’ by failing to check if public Wi-Fi connections are legitimate – instead using hotspots which are free, seem to be credible and offer fast speeds.
Worryingly, users could be connecting to ‘fake Wi-Fi’ hotspots which can appear to be reputable but allow cybercriminals to eavesdrop on users and steal usernames, passwords and bank details.
These Wi-Fi connections, which often have innocuous sounding names such as ‘airport Wi-Fi’ or ‘hotel Wi-Fi’, can also redirect victims to malicious malware sites and phishing sites.
Commissioned by cybersecurity coutfit BullGuard, the research of 2,000 adults found seven in 10 have used free public Wi-Fi.
And of those who have done so, more than a third have entered passwords, a fifth have used credit cards and 31 per cent have accessed online banking – all data hackers are after.
Paul Lipman, CEO at BullGuard, said: “Consumers are choosing convenience over safety when using public Wi-Fi.
“Hackers can easily set up malicious hotspots which appear to be legitimate and yet can intercept and record people’s personal data.
“This allows them to steal usernames, passwords, credit card details, bank account information and more.”
The research also found two thirds of public Wi-Fi users have set up their devices to automatically connect to the nearest hotspot – putting their personal details on the line.
Lipman added: “If your device is set up this way, and if you’re not paying attention when you first choose a hotspot, even once, and you accidentally choose something malicious, your device will automatically select it every time it is within range.”
Further to this, four in 10 users habitually connect to hotspots with a name reflecting the location they are in such as ‘library Wi-Fi’ or ‘restaurant Wi-Fi’ – again this could be a risky move.
But despite taking gambles like these when using public Wi-Fi, the BullGuard study carried out through OnePoll found 62 per cent are ‘afraid’ their devices will be hacked.
The biggest worries are theft of bank details (68 per cent) and passwords (56 per cent) – followed by personal emails being accessed (27 per cent).
Lipman said: “The findings show that respondents do not feel safe online, yet they are ignoring their fears and are using hotspots without checking they are safe.”
The research also identified confusion around staying safe when using public Wi-Fi – almost half are mistakenly under the impression antivirus software will protect their data.
Lipman added: “Although essential for detecting and removing malware from your device, antivirus offers no protection at all from having your data intercepted by a malicious hotspot.”
“But a Virtual Private Network (VPN) is an effective way of keeping you safe online when using public Wi-Fi.
“It creates a secure connection tunnel between your device and the websites and services you are accessing to keep you safe whether you’re using a smartphone or laptop on public Wi-Fi in a café, or if you want to check online banking accounts from an airport or hotel.”
Amid this, six in 10 admitted they don’t use Virtual Private Networks (VPNs) when connecting to hotspots and 57 per cent believe they are ‘too complicated’ to use.
TOP ACTIVITIES CARRIED OUT WHILST ON PUBLIC WI-FI:
1. Logging into a personal email account (42 per cent)
2. Using Social Media or any other account with auto login (36 per cent)
3. Logging into any account requiring a password (31 per cent)
4. Filling in forms with personal details – e.g. name, address, date of birth, telephone number (18 per cent)
5. Online banking (17 per cent)
MOST POPULAR PLACES TO USE PUBLIC WI-FI:
1. Hotels (53 per cent)
2. Coffee shops/restaurants (51 per cent)
3. Airports (48 per cent)
4. Public transport (37 per cent)
5. Retail shops (31 per cent)
STAYING SAFE ON PUBLIC WI-FI NETWORKS:
TERMS OF SERVICE
The majority of genuine public networks will ask the user to agree to their terms of service before linking up.
Instead, if you gain immediate access to unrestricted browsing tread carefully – it could be a rogue access point.
BEWARE OF ‘FREE’
Fake public Wi-Fi hotspots typically copy public domain names and add the word ‘free’ as a hook to lure users.
For example, if you’re in a coffee shop, you might see two Wi-Fi options – one called ‘Coffee Shop Wi-Fi ‘ and the other called ‘Free Coffee Shop Wi-Fi ‘.
One of these could be a malicious network and it’s likely to be the free one –
if you’re not sure ask an employee.
If you purposely enter a wrong password to a password protected hotspot and you don’t get an error message the access point is likely fake.
Fake hotspots will commonly let anyone access them regardless of the password entered.
SLOW NETWORK CONNECTIONS
Look out for very slow network connections.
This could be a sign the hacker is using mobile internet to connect you to the web using the fake hotspot.
Pay attention to the address bar of the websites you visit.
If for instance a banking website shows HTTP instead of HTTPS – your connection is unsafe.
HTTPS with a padlock symbol means data is encrypted.
HTTP connections without a padlock are unsafe.
Always use a VPN such as BullGuard VPN on your tablet, phone or laptop.
The VPN tunnel stops people from seeing what you are doing and VPN encryption scrambles your data rendering it useless to hackers.
WHAT IF YOU CONNECT TO A POTENTIAL FAKE HOTSPOT
If you suspect you have connected to a compromised hotspot, follow these steps:
• Disconnect as quickly as possible.
• Clear your list of saved Wi-Fi connections to avoid connecting to the same one in the future.
• Clear your browser cache.
• Run antivirus and malware checks.
• Change the password to any site you logged in to, and any other websites that use the same login information.
• Call your bank and cancel any bank cards if you used them over the connection.