Free wi-fi: 4 ways to stay safe when using a hotspot

30/09/14

Wifi hotspot sign

Love free wi-fi? Who doesn't.

But be careful next time you log in to a public hotspot, as you could be sharing more information than you realised.

An expert has told Newsbeat everything from pictures to passwords to your address can be accessed by tech savvy hackers.

But don't worry, we've got a few tips to help you stop sharing credit card details at cafes or transactions at train stations.

We've spoken to Glenn Wilkinson, a security researcher from SensePost, which helps businesses protect digital information.

He said software is available for around £15 which allows somebody "to hear everyone's messages in range of whatever wi-fi network we're using".

"Your laptop, phone or tablet is shouting out the name of every wireless network it's ever connected to," he explained.

"This might not seem too dangerous by itself... but it's possible to geo-locate a network name right down to your exact street address so I can figure out exactly where you live, possibly where you work and where you've travelled to."

Woman on phone at cafe

He also revealed many instant messaging apps and image sharing services don't use encryption so somebody near the network could see what you're sending to your mates.

But what can be done to stop people getting your information?

1. Use a VPN

"The advice I normally give to people is don't be too terrified of open hotspots," he says.

"The most secure thing you can do is use a virtual private network (VPN).

"All that means is when you connect to a network, all your communications are encrypted and sent to some VPN server somewhere far away.

"So, for example, if I'm at a coffee shop, all of my traffic will be encrypted so nobody at that coffee shop or anyone else using that wi-fi will be able to read any of my messages.

"There are loads of options to buy your own VPN service provider. For £5 or £10 a month, you can get a pretty good set up. That's what I do."

2. Look for "https"

"At the very least, users should make sure any website they're using at an open wi-fi hotspot, has "https" at the beginning.

"Essentially that means your traffic is encrypted and is at least harder for an attacker to pry inside and have a look."

Glenn Wilkinson

3. Beware of emails

He said you should watch out for "social engineering" or "spear phishing" - that is manipulating us into giving away personal information.

"That could be an email which looks like it comes from a Facebook that says 'you were tagged in two photos' but prompts you to log into a fake Facebook website.

"Those types of attacks are very very common these days because users seem to be the weakest point of security."

4. Read terms and conditions

He described the terms and conditions for wi-fi hotspots as "quite hilarious".

"It's worth giving them a read if you have some time.

"For example, I read one hotspot's conditions recently. It said if you accept these conditions, we are allowed to monitor every website you visit, catalogue all your search terms and the unique identity of your machine."

"They've probably managed to tie it to your name," he added.

Follow @BBCNewsbeat on Twitter and Radio1Newsbeat on YouTube