In today’s modern life, we find ourselves highly dependent on the connected world. Think about it, almost everything we do or need in some form requires being connected via a website, app or computer platform. We carry most of us smartphones which are smarter than the computer systems that enabled man to land on the moon.
Seriously, just think about that for just a moment. The mobile phone, which is around 10 cm x 5 cm in size, give or take. This device is smart enough and capable enough to do more than the computers we used at the start of this decade. In the last five years alone, processing power and raw computing capabilities have greatly increased.
We have AI, we have smart watches and smart glasses. Technology moves so fast its hard to keep up, but you get my point, I am sure. Technology is everywhere; it’s part of our modern society. No matter where you look, connectivity is a key capability we all need. If we are not connected, no emails, no social media, no encrypted messaging apps. You probably can’t pay for a coffee or a meal without being online.
This need to be connected, to enable you to participate in our new connected way of life drives many to do something that will put you and your entire digital world at risk. Can you guess what that is, that’s right connect to public Wi-Fi.
What do I mean by public Wi-Fi?
Public Wi-Fi is wireless access to the internet that is provided free by Cafes, restaurants, airports, motels and many other public areas. These are given to make it easy for everyone to be able to, as we want to stay connected, enable us to be happy and still online all the time (we can discuss my thoughts on that in another article sometime). It makes us stay longer, meaning most of the time we buy more, spend more.
Connecting to these free internet sources is a risky option though and can really leave you open to attack from a malicious actor. Let me tell you a story; it will help break it down and show you what I mean.
We are in an airport, it doesn’t matter which one, but image its one near you, you have had a busy week travelling and doing sales. You have had a very impressive week, you are looking forward to receiving the commission check for all of these. Lots of new customers to onboard.
You just heard that your flight has been delayed 30 minutes, so you have a bit of time to sit in the airport waiting for that flight. So, you take out your laptop and connect to the free airport wifi, it takes a few seconds and you are on. You open up your CRM (Customer Relationship Manager) application, you login and start preparing the invoices for the new customers. You are not going to send them straight away, you will leave them until Monday morning. You would like to make a good impression on them as they are new customers.
You work your way through them and save them all as drafts. You look around on the internet, just browsing for a few minutes and then you hear over the intercom that your flight is preparing to board. So, you pack up the laptop and head over to the gate so you can fly home to your family. A few more minutes go by and you are on the plane and before you know it in the air making your way back home.
So what didn’t you know, what happened why you were flying home?
That “Free Airport WiFi” you connected to was actually a malicious actors network that was created to make it look like you were connecting to the free public internet service by the airport. The very helpful malicious actor still gives you access to the internet through their connection but the difference is they also capture everything you do on the connection.
When you logged into the CRM, they captured your login and password details. There was no MFA setup on the account (another topic we can tackle at a later date). This allowed them to logon, gain access to all of the platform customer details, it allowed them to go to these draft invoices, modify the bank account details for payment and then send them out.
Remember, these customers are new, they would not have any bank details in their systems for you, so they have no reason to question the details. So they will pay them into the malicious actor’s account. It may be weeks or months before anyone knows and the money will be long gone by then.
Via the connection, the malicious actor can see where you go, if your machine is not secured correctly, they may be able to gain access to your device and allow access later at their convenience. It won’t matter what connection you have then.
This scenario is not a great one to be in, I think we could all agree on that. So what can we do to keep ourselves safe? Its simple.
Never Connect To Free WiFi…
It’s as simple as that. All of us carry mobile devices, they have very good data plans on them that will be a much more secure mode of gaining access to our digital platforms. Hotspot to the mobile phone if you need access on a tablet or laptop if they don’t have a built in sim.
By doing this, you remove your risk of having your connection eavesdropped on in a situation like I have described here. It will give you control and peace of mind its safe.
Now, if you have no other option but to utilise a free Wi-Fi connection, please ensure you have a VPN (Virtual Private Network) that you can use to ensure that whatever you do on that network is encapsulated in the security of the VPN, at least minimising the potential risk that someone is listening. This won’t completely protect you, but it will help.
So, stay off the free Wi-Fi and keep yourself safe.
