Most of the time you’re away from your home network, you will be accessing the Internet using an “unsecured” wireless network – the airport where you’re waiting for your next flight, the local Starbucks or the bed and breakfast you’re staying in halfway around the world. These type networks are ok to use; however, there are precautions you need to take to safeguard your device and any information contained in your transmissions. As you browse the web or send/receive e-mails, the information you’re transmitting will be in plain text. Anyone, nearby you, with easy-to-obtain tools, can steal your information right out of the air. If you’re sending any confidential information, they will have access to it.
Most hackers, in these situations, are looking for people with vulnerabilities – a device or transmission that’s not protected. Information that is quick and easy to obtain. They are most likely not going to spend anytime with anyone who has protections in place.
Now that you’ve protected your devices (see Part 3 of this weeklong series), you’re ready to start using these unsecured wireless networks. Before you do though, let’s take a look at some simple precautions that will help safeguard your transmissions and the accounts (e.g. bank, credit card, Facebook, etc.) you will probably be accessing.
Make sure your security programs are turned on
Before you begin to access the Internet, make sure your firewall, anti-virus program and anti-malware program are TURNED ON and working.
- After connecting to the Internet (from your hotel or any other location), if you receive a pop-up indicating these programs need to be updated, do NOT click on the pop-up. Go to the website itself to update your device’s program. You should not receive a pop-up if these programs are set to auto-update as recommended in Part 3 of this series. I have read articles about hackers who have hacked into a hotel’s Wi-Fi network and configured a pop-up to appear on the device of anyone who just connected to their network. When the user clicks on the pop-up, a virus or malware downloads onto the user’s device.
Word of caution – Do NOT ever trust that a pop-up or link is safe to click on. It’s important to have safe browsing habits and don’t ever click on a pop-up or link unless you know it is 100% safe to use.
Use encryption – probably the most important tool you can utilize
One of the most important and effective safeguards you can use when browsing on an unsecured wireless network is to ENCRYPT all of your transmissions. Encryption scrambles your information (sent and received) and cannot be read by hackers nearby, or anyone else for that matter, unless they have the key to unlock the data. Hackers are not going to waste time on people who are encrypting their data. Nowadays, if you are browsing the web, accessing important accounts or sending/receiving e-mails, you are going to have problems if you are not encrypting what you send and receive. You should not be doing anything on the Internet that’s not encrypted. There are a number of ways to encrypt your transmissions on the Internet so there’s no reason to not use it. Here are some of the most common and effective recommendations.
Ensure the website is encrypted. A website is encrypted if it starts with https or it has a lock symbol on the URL. Most websites start with http. The “s” at the end of https means the website uses SSL (Secure Sockets Layer encryption) to scramble transmissions between you and the website. You will find that most financial websites (e.g. banks, credit card companies, etc.) are encrypted (e.g. start with https). You will also find that many websites where personal information is entered (e.g. e-mail sites such as Gmail, social media sites such as Facebook) are encrypted also.
- Use the browser extension “https everywhere” which is available for the two browsers Firefox and Chrome. Some websites have both an unencrypted site (http) and also an encrypted version (https). Https everywhere will look for the encrypted site anytime there’s one available.
- See Lifehacker’s The Best Browser Extensions that Protect Your Privacy
Many common sites have a secure version (https). For instance, when browsing the web, use Google’s encrypted site encrypted.google.com. This will keep your Internet queries confidential.
Regarding your e-mail, make sure you use a provider whose site is encrypted and noted as such by the “https” in their web address. Many of these providers encrypt your e-mail from your device to their server but not from their server to the recipient. At least this keeps your notes scrambled to the hacker that’s nearby you. Some of these e-mail providers are now working on encrypting e-mail from your device all the way to the recipient.
If using a software application like Outlook, you will need to configure the server connection settings to enable the encryption or SSL as follows:
- For the incoming server (IMAP), you can use port 993
- For the outgoing server (SMTP), you can use port 465
Another highly recommended method for encrypting your Internet transmissions is to use a Virtual Private Network (VPN). A VPN will encrypt all of your transmissions from your device to the VPN company’s server. From the VPN’s server to the website you are connecting to, the information is unencrypted but is sent as anonymous information. This protects you from any hackers who are “sniffing” the unsecured wireless network you are connected to. In most cases, the VPN provider will have servers (with various IP addresses for those locations) throughout the world. You choose which one to connect to.
Another benefit of using a VPN is that it can unblock censorship filters. For instance, when I was in Morocco recently, my daughter wanted to access her NetFlix account in the U.S. Because NetFlix identified our IP address as being out of the U.S., it would not allow her to access her account. By turning on the VPN and connecting to one of their U.S. based servers (and hence a U.S. based IP address), it appeared to NetFlix that we were in the U.S. and allowed her to access her account and watch movies.
I use Private Internet Access, which I have been happy with and costs $39.95 annually when paid on an annual basis – or $6.95 per month when paid on a monthly basis. One thing I have noticed is that the VPN connects when I turn on my laptop; however, sometimes, when I refresh it after it being asleep, the VPN does not re-connect. So just make sure your VPN is connected when using the Internet.
Use an encrypted hotspot, such as Boingo, which encrypts all of its transmissions when you sign up and use their Passpoint program. Boingo’s Wi-Finder also provides free VPN security.
Some of your transmissions are already encrypted based on the device that you’re using. Apple encrypts much of their transmissions such as FaceTime and iMessages. See Apple’s privacy notes.
Connect to the correct wireless network
A hacker can create his/her own Wi-Fi hotspot (e.g. by using their device and connecting to a cellular connection). They can call this hotspot anything they want such as the name of the coffee shop or the hotel you’re at. When you access the available networks, you might see two networks (the one you want to connect to and the hackers which is called the ”evil twin”) that look alike.
Before you connect to a Wi-Fi network, confirm the network’s name with the business owner or representative (e.g. server in a restaurant, front desk clerk in a hotel or B&B). Sometimes, people only ask what the network’s password is. They look at the list of available networks and assume they know the one to connect to. Do NOT assume. Always confirm both the network name and its password. Make sure you are connecting to the one that you want – the good one.
When searching for available wireless networks, do not connect to a network that indicates it is a “computer to computer network”. This can be a hacker’s hotspot created near you hoping for people to connect to their hotspot and provide personal information such as credit card info, usernames, passwords, etc. Connecting to an “unsecured wireless network” is fine – providing you have protections in place and have good browsing habits.
Utilize a strong password to access each of your accounts. See Microsoft for recommendations on how to create a strong password.
Change passwords frequently or as often as you think you need to.
Use unique passwords for each site. Do not use the same password for all of your accounts – or even multiple accounts.
If you find it tough to continue to think of strong passwords or have a tough time remembering your passwords, consider using a password manager, which is an encrypted website or app that will create passwords using random letters/numbers/symbols for you and keep track of them. You only need to remember one password – the one to the password manager site. There are a number of highly recommended password manager sites. Lifehacker provides their take on some of the most popular and recommended ones.
Do NOT click on links contained in e-mails, on websites you’re browsing or on your Facebook account unless you are 100% sure you can trust the link.
Many times, viruses or malware will be embedded into a link. As soon as you click on the link, the virus or malware will be downloaded onto your device. The safest thing is to not click on it or open it. If you really feel the need to open it, before clicking on the link, check to see if it is safe to open. PC World and Bitly provide a couple of suggestions.
Avoid file sharing
Sharing files from one device to another is an easy way to transfer viruses, malware or allow “sniffers” to view potentially confidential information. Unless you have a secure way of sharing, just don’t do it. See 5 Dangerous File Sharing Habits You Need to Break Right Now.
Be especially careful of P2P networks for sharing games and music. If you do download and use a P2P network, do not let it auto-open when you turn on your computer. See the P2P File-Sharing Risks article by OnGuardOnline.gov website for more information about P2P networks.
Be very careful when using a public computer such as one at an airport or a library or an Internet café. Do not access sensitive sites, such as your bank account, credit card accounts or e-mail accounts – any accounts where you input a username, password or any confidential information.
Even if the website and account you’re accessing uses https, you can still be vulnerable. The public computer could have a keylogger program installed that will track your keystrokes enabling someone to obtain your username, password and anything else you enter for the sites you logged onto.
Using 3G/4G instead of a Wi-Fi network
A 3G/4G cellular connection to the Internet is more secure than an unsecured Wi-Fi network. Use it if you’re not able to use encryption.
When you need to connect your laptop to the Internet and a Wi-Fi connection is not available (or you don’t want to use it), consider using your cell phone as a hotspot when it has connection to a 3G/4G network.
Be sure to read the next article 17 Good Browsing Habits, which is Part 5 of our weeklong series Using the Internet More Securely.