Risk of Data Leak when Connecting to Public Free WiFi
phone functions, using mobile phone to surf the Internet has become an important activity in our life. Also, the number of Internet users has kept increasing. The number has reached over 3.89 billion until Dec, 2017 which includes 3.763 mobile Internet users and the covered rate of Internet has reached 51.7% according to the global report of Internet Development. There is 3.763 billion Internet users surfing the Internet with mobile phone which occupies 97.5% if total Internet users. The development of mobile phone users promotes the development of mobile payment, ride-hailing service, etc.
More and more App are installed in our mobile phones which make our life more convenience. Also users prefer to connect their cell phone to WiFi instead of using Cellular network especially when they watch TV and play games which require a large data flow.
Free WiFi could be found everywhere like home, office, shopping malls and public places. Nevertheless, there are more and more risks associated with public free WiFi. So does using free WiFi harm our personal information?
What are the Risks of Public Free WiFi?
|Low||Embeded Advertisement: Annoying advertisement will pop up without clicking when users visit websites.|
|Embeded Hidden Link: Automativally click the advertisement in the background to make malicious promotion. Users are hard to find this behavior.|
|Medium||DNS: Attackers intecept the request of domain names in the hacked network. After analyzing the domain name, they will pass the requests which are off their scan list. Otherwise, they will return to attackers’ IP and make users can not visit certain websites or go to some malicious websites.|
|ARP: Attackers can perform IP address spoofing with fake IP addresses and MAC addresses. This can create lots of ARP traffic to make a network congestion. Attackers can send the fake ARP package to change the IP-MAC in ARP cache. As a result, the Internet is break and the middle man is attacked.|
|High||SSL: SSL is a classic MIMT. Attackers can get access to the users’ information by hacking the SSD certification or lower the secure level of SSl certification and lead to the password and data leak.|
|Redrict to Phishing Sites: Hackers can get access to users’ sensitive information for frudenlent. There are mainly two types of such sites, one is to get users’ information via fake winning website and the others is to make users to pay with fake payment website.|
According to a report about public WiFi security, risky WiFi only occupies 1% of free WiFi. And WiFi with high risk level occupies 0.009%. However, such WiFi usually pretend to be public free WiFi and we should still pay more attention when connecting to a free public WiFi.
It is believed that the bank account till be hack once we run App like online back or Paypal after connecting to risky WiFi and lead the economic lost.
Actually, it is not. Such payment App uses bi-directional communication. Even such data is hacked when transferring, hackers can not decrypt or modify it. So, it is almost impossible to steal the password of the account via WiFi.
How to Avoid Data Leak after Connecting to WiFi?
1. Use router and related firmware produced by reliable manufacturers
Being the device of providing WiFi connection, routers produced by reliable
manufacturers will not share the underlying management authority. Besides, we should not change the firmware of the router. Once hackers get the underlying management authority, all data go through the router will possibly be intercepted.
2. Do not root the Android devices or jailbreak iOS devices
Similar to routers, system in mobile phone also limits the authority of advanced management. If users root or jailbreak the devices, parts of app can get access to the advance management authority to control the device.
3. Choose the reliable public WiFi
According to some report, phishing WiFi like to make SSID to be the same name of operators or famous router brands like TP-link, D-link. Users should pay more attention when connecting to free WiFi and choose reliable
free WiFi provided by shops or safe facilities.
4. Disable the automatic WiFi connection
Free WiFi provided by hackers will not require the password. If you enable the automatic WiFi connection function, your device may get in a dangerous place.
5. Check the App before install
It is strongly recommended to download the applications on official sites, to avoid downloading malicious software.