The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Free Wi-Fi May Have High Cost

Wi-Fi users take significant risks when choosing hotspots.
13 August 2019
 

New research has revealed that 79% of public Wi-Fi users take significant risks when choosing hotspots. Instead of taking the time to check that a hotspot is legitimate, users are selecting hotspots based on Wi-Fi- strength, a name that seems appropriate or just picking any free option.

Unexpectedly, the figure is highest for the most experienced Brits, with 86% of daily public Wi-Fi users putting convenience ahead of safety when choosing hotspots.

The survey carried out by cybersecurity company, BullGuard, revealed that 4 in 10 users look for a Wi-Fi name that somewhat matches their location, for example ‘coffee shop Wi-Fi’ – but this is exactly the type of name hackers set up to try and fool people into choosing a malicious hotspot with the intention of stealing personal data.

 

Sensitive data

Even though they’ve spent little or no time checking that a hotspot is legitimate, many respondents are accessing websites using very confidential data. More than a third of daily public Wi-Fi users log into personal accounts requiring a password, 22% use credit cards, and 31% log into online banking, exactly the type of data hackers are looking to steal.

Despite their eagerness to get online, most people are also very concerned about safety with less than one in ten being ‘very confident’ that they know how to stay safe when using public Wi-Fi.

Furthermore, 62% of daily public Wi-Fi users admit to being afraid that their devices will be hacked and their information stolen. Consumers are most worried about the safety of banking info (68%), passwords (56%) and email content (27%).

 

Ignoring fears

“Brits are choosing convenience over safety, when using public Wi-Fi. The findings show that respondents do not feel safe online, yet they are ignoring their fears and are using hotspots without checking they are safe,” said Paul Lipman, CEO at BullGuard. “Hackers can easily set up malicious hotspots which appear to be legitimate and yet can intercept and record people’s personal data, allowing them to steal usernames, passwords, credit card details, bank account information and more.”

 

Auto connect

The BullGuard survey also revealed that 63% of people that use public Wi-Fi daily have their devices set up to 'automatically connect to the strongest Wi-Fi signal' or to ‘automatically connect to Wi-Fi hotspots they've used before.’

“If your device is set up this way and if you're not paying attention when you first choose a hotspot, even once, and you accidentally choose something malicious, your device will automatically select it every time its within range,” Lipman added.

 

Anti-virus failure

Anti-virus weaknesses Even if users think they're protected, worryingly the results show that consumers aren’t sure how to keep themselves safe when using public Wi-Fi with almost half (47%) believing anti-virus software will prevent their data from being intercepted.

“Although essential for detecting and removing malware from your device, anti-virus offers no protection at all from having your data intercepted by a malicious hotspot,” said Lipman.

"A VPN (Virtual Private Network) is an effective way of keeping you safe online when using public Wi-Fi. It creates a secure connection tunnel between your device and the websites and services you are accessing to keep you safe whether you’re using a smartphone or laptop on public Wi-Fi in a café or if you want to check online banking accounts from an airport or hotel."

 

Complicated

However, the survey revealed that 60% don’t use a VPN, with 57% of those respondents saying they think it’s too complicated or that they don’t know how to use one.

“A VPN doesn’t need to be complicated. For example, BullGuard VPN is designed for regular users. It doesn’t require technical knowledge, install it on your device and it just works 24/7,” concluded Lipman.

 

Top activities carried out whilst on public Wi-Fi:

  • Logging into a personal email account (42%).

  • Using Social Media or any other account with auto login (36%).

  • Logging into any account requiring a password (31%).

  • Filling in forms with personal details - e.g. name, address, date of birth, telephone number (18%).

  • Online banking (17%)

 

Most popular places to use public Wi-Fi:

Hotels (53%).

Coffee shops/restaurants (51%).

Airports (48%).

Public transport (37%).

Retail shops (31%).

 

Staying safe on public Wi-Fi networks

The majority of genuine public networks will ask the user to agree to their terms of service before linking up. If you gain immediate access to unrestricted browsing, tread carefully - it could be a rogue access point.

 

Beware of ‘free’

Fake public Wi-Fi hotspots typically copy public domain names and add the word ‘free’ as a hook to lure users. For example, if you’re in a coffee shop, you might see two Wi-Fi options - one called 'Coffee Shop Wi-Fi ' and the other called 'Free Coffee Shop Wi-Fi '. One of these could be a malicious network and it’s likely to be the free one - if you’re not sure ask an employee.

 

Wrong passwords

If you purposely enter a wrong password to a password protected hotspot and you don’t get an error message the access point is likely fake. Fake hotspots will commonly let anyone access them regardless of the password entered.

 

Slow network connections

Look out for very slow network connections. This could be a sign the hacker is using mobile internet to connect you to the web using the fake hotspot.

 

Secure websites

Pay attention to the address bar of the websites you visit. If for instance a banking website shows HTTP instead of HTTPS - your connection is unsafe. HTTPS with a padlock symbol means data is encrypted. HTTP connections without a padlock are unsafe.

 

Use VPNs

A VPN tunnel stops people from seeing what you are doing and VPN encryption scrambles your data rendering it useless to hackers.

 

What if you connect to a potential fake hotspot?

If you suspect you have connected to a compromised hotspot, follow these steps:

  • Disconnect as quickly as possible.

  • Clear your list of saved Wi-Fi connections to avoid connecting to the same one in the future.

  • Clear your browser cache.

  • Run antivirus and malware checks.

  • Change the password to any site you logged in to and any other websites that use the same login information.

  • Call your bank and cancel any bank cards if you used them over the connection.

Picture: Wi-Fi users take significant risks when choosing hotspots.

 

Please feel free to distribute the contents of this article to all staff.

Article written by Brian Shillibeer | Published 13 August 2019

Share



Related Articles

Security Everywhere – Cyber Security Essentials Q&A Part Two

In Part 2 of our Q&A with cyber security expert Francis West, we discuss simple actions we can all take to be more cyber safe, what to do if you receive a suspicious...

 Read Full Article
Southwark Council Discusses 'Serious Failings’ Over Devon Mansions Project

A Southwark Council committee meeting has seen residents and councillors raise concerns over the state of work, behaviour of external contractors and potential fraud in...

 Read Full Article
A Quarter of UK Construction Companies Have Experienced Fraud Over the Last Year

A survey report on fraud in the construction industry reveals the most common experiences and negative impacts on businesses in the UK. Data collected from the Fraud...

 Read Full Article
10 Construction Firms Involved in Contract Bid Rigging

The Competition and Markets Authority has provisionally found that ten construction companies have been involved in “illegal cartel agreements” when...

 Read Full Article
BESA Tightens Security After Fraud Incident

The Building Engineering Services Association (BESA) says it has carried out a thorough review of the security procedures behind its online training schemes...

 Read Full Article
Fighting Corruption With Due Diligence

Gavin from Expeditious Services explains why it’s important to collectively promote a culture of honesty and integrity in FM. Gavin McGuinness is the...

 Read Full Article
Property Development Company Shut Down After £1m Fraud

A fraudulent property development company, Exmount Construction Limited, has been liquidated after misleading investors. The company produced a professional-looking...

 Read Full Article
Furlough Fraud Bill up to £3.5bn, Says Tax Authorities

The government has said that up to £3.5bn may have been fraudulently or mistakenly claimed under the Coronavirus Job Retention Scheme. Speaking to the Commons...

 Read Full Article
Searle Searcher - Pioneer Crosses Antarctic With FM Co Help

RSK, a UK-based environmental and engineering consultancy, has helped a pioneering woman achieve her goal of trekking to the South Pole - and raising awareness of the...

 Read Full Article
Nice People Come Last at Christmas

An HSBC report says fraud victims (especially during the festive season) are 10 per cent ‘nicer’ than those who’ve not suffered at the hands of...

 Read Full Article