Protect Yourself from Smarter Wi-Fi Scams

Data interception and manipulation are risks on public networks. When a network is unencrypted or has weak security, you risk your data being seen and read. And if you're in a public place, you may encounter fake hotspots that appear legitimate, or be lured into a phishing attempt by logging in to fake pages that masquerade as legitimate ones. Exploits have become more complex, and more people are accessing and using Wi-Fi-enabled devices. To protect yourself in those unsafe situations, verify the public connection and check every HTTPS-encrypted web page. Lastly, to be on the safe side, consider using a trusted VPN to keep your data encrypted while on the same network. Your data can be manipulated and intercepted Man-in-the-Middle attacks and ARP spoofing are real threats Man-in-the-Middle attacks are much more real and considered a common threat when you're dealing with exposed Wi-Fi networks. Open networks, such as those you find at airports and cafés, don't offer the same level of security as those you pay for from your ISP. Man-in-the-Middle attacks exploit this. Malicious actors use them to impersonate the connection, steal sensitive data, or inject malware directly onto the user's device. One example of how man-in-the-middle attacks are facilitated is by having hackers set up fake networks or use ARP spoofing. ARP spoofing, or poisoning, is a common exploit that tricks devices connected to a local area network into associating with the attacker's Media Access Control (MAC) and IP address. ARP spoofing allows an attacker to redirect network traffic to their own device, allowing them to see exactly what you're doing. It can also be used to intercept, disrupt, and manipulate the incoming traffic. That's where denial-of-service attacks and eavesdropping on sensitive information can occur. These types of attacks are terrifying because they mean that anything you send, like your login information or financial details, can be taken without you realizing it before it is too late. Any unencrypted data can also be sniffed out, as a hacker can start packet sniffing your traffic using their own installed software. What to do to protect yourself from common Wi-Fi exploits You don't need to be a sitting duck when you're on a public network Outside, using your own Wi-Fi or a hotspot, be diligent about where you connect and what you do after you're connected. One of the juiciest pieces of information that hackers love to learn is your banking information. Also, any pages that require you to log in, like anything Google-related, like your Gmail account, McAfee published an article in June 2025 that compiled some surprising statistics: 25% of travelers are hacked while using public Wi-Fi, and 40% of people have had their information stolen on a public Wi-Fi network. So, yes, these situations can happen. Public Wi-Fi networks aren't safe. They are considered a hacker's paradise, but sometimes you still need to use them. For example, your data might be running out, or you don't have a plan that supports international roaming, so you'd use the free Wi-Fi to check your email or send a file before leaving. In those moments, you are more susceptible to being a target. That's where you have to consider ways to protect yourself. One method is to use a VPN. VPNs encrypt your data while it is in transit, preventing hackers from snooping on it. If you don't have a paid Surfshark or NordVPN plan (or a similar trusted option), there are a few free options that can help. If you have a Google Pixel 7 or newer, you can access the VPN by Google service directly. You can connect or disconnect from it via your Network & internet settings. The next free VPN that I've personally used for over three years is Proton VPN. It's another one with a decent security protocol, AES-256 encryption, and a kill switch. It should also keep your connection encrypted while it is in the tunnel. Another option to consider that others seem to like (though I haven't personally used it as much) is Windscribe. Windscribe's free plan has a data cap, but 10GB is fairly solid to work with. It also supports AES-256 encryption and a kill switch (though it operates proactively rather than reactively). Just note that the VPN is based in Canada, which is a Five Eyes country. Otherwise, if you can't or don't want to use a VPN to encrypt your network traffic, make sure everything you do has some semblance of security. Ensure all web pages use HTTPS/TLS encryption by checking the certificates in your address bar, and keep multi-factor authentication enabled. Also, avoid using devices with outdated security protocols, and keep your firewall on. If you have antivirus software enabled, run a scan after your session. And the most crucial consideration is to be mindful of what you do and share. Don't share sensitive information, and don't stay connected to the open Wi-Fi network longer than necessary. That also includes logging out of every session you're on and manually disconnecting from the network (make sure auto-connect is turned off). Any features you enabled that allow others on the same network to see, such as photo albums, file sharing, and media casting or streaming, keep those disabled as well. Keep doing more to protect yourself Even if you're not on a public network, you should still take additional steps to protect yourself online, whether that's developing a new routine for changing your passwords or adopting passkeys. But another way to keep your data safe is to reduce your digital footprint. Keep your personal information out of sight. Use private browsers when handling sensitive information, and be mindful of the accounts you sign in to.