With Internet fraud mushrooming, PC World’s article “Here’s what an eavesdropper sees when you use an unsecured Wi-Fi hotspot” at http://www.pcworld.com/article/2043095/heres-what-an-eavesdropper-sees-when-you-use-an-unsecured-wi-fi-hotspot.html is essential reading for you if you ever use any hotspot, anywhere.
The author set himself up at a local coffee shop to capture other patrons’ Wi-Fi signals and, like the nursery rhyme bear, “to see what he could see”. He saw a lot –
- Webpages visited
- Emails
- FTP login credentials
- Private accounts on Gmail, LinkedIn, Yahoo, and Facebook (an ideal hijacking opportunity for a fraudster)
Read the full article for details, and follow the advice in the last paragraph “How to use Wi-Fi hotspots securely” (See below).
Source: Law Dotnews September 2013
How to use Wi-Fi hotspots securely
Now that you’ve seen just how easy it is for someone to eavesdrop on your Wi-Fi, here’s how you can use a public hotspot with some degree of security:
- Every time you log in to a website, make sure that your connection is encrypted. The URL address should start with https instead of http.
- You also need to make sure that the connection stays encrypted for all of your online session. Some websites, including Facebook, will encrypt your log-in and then return you to an unsecured session—leaving you vulnerable to hijacking, as discussed earlier.
- Many sites give you the option of encrypting your entire session. You can do this with Facebook by enabling Secure Browsing in the Security settings.
- When you check your email, try to login via the Web browser and ensure that your connection is encrypted (again, look for https at the beginning of the URL). If you use an email client such as Outlook, make sure your POP3 or IMAP and SMTP accounts are configured with encryption turned on.
- Never use FTP or other services that aren’t encrypted.
- To encrypt your Web browsing and all other online activity, use a VPN, or virtual private network (this article will show you how).
- Keep in mind that private networks have similar vulnerabilities: Anyone nearby can eavesdrop on the network. Enabling WPA or WPA2 security will encrypt the Wi-Fi traffic, obscuring the actual communications, but anyone who also has that password will be able to snoop on the packets traveling over the network. This is particularly important for small businesses that don’t use the enterprise (802.1X) mode of WPA or WPA2 security that prevents user-to-user eavesdropping.
Source: http://www.pcworld.com/article/2043095/heres-what-an-eavesdropper-sees-when-you-use-an-unsecured-wi-fi-hotspot.html