Free public Wi-Fi is now often available in many places. Airports, hotels and cafes all promote free internet, which provides an added incentive to use their services. Indeed, for many people, being able to connect to a free Internet connection while traveling seems ideal. This is particularly useful for business travelers, who can access their work emails or share documents online.

However, using public Wi-Fi hotspots carries many risks that the majority of internet users are unaware of, and most of these risks are related to attacks such as (Man in the middle or MitM in English).


Man in the Middle Attacks

A man-in-the-middle (HDM) attack occurs when a malicious actor manages to intercept communication between two parties. There are different types of HDM attacks, but one of the most common involves intercepting a user's request to access a website, returning a response containing another fraudulent web page that appears legitimate. This can happen with almost any website, whether with online banking or file sharing or email providers.

For example, if Alice tries to access her email and a hacker manages to intercept the communication between her device and the email provider, he can perform an HDM attack, luring her to a fake website. If the hacker gains access to her username and password, they can then use her email to carry out more malicious acts, such as sending phishing emails to Alice's contact list.

Therefore, the man in the middle is a third party capable of intercepting data sent between two points by posing as a legitimate intermediary. Typically, HDM attacks are used to trick users into entering their confidential data into a fake website, but they can also be used to simply intercept a private conversation.


Wifi listening

Wi-Fi eavesdropping is a type of HDM attack where the hacker uses a public WiFi to monitor the activities of all users who connect to it. Intercepted information can range from personal data to Internet traffic and browsing habits.

This is usually done by creating a fake WiFi network with a name that appears legitimate. The name of the fake hotspot is often very similar to that of a nearby store or business. This way of proceeding is also known as the evil twin method.

For example, a consumer might walk into a coffee shop and realize that there are three Wi-Fi networks with similar names: CoffeeShop, CoffeeShop1, and CoffeeShop2. There's a good chance that at least one of them is a scammer's Wi-Fi.

Hackers can use this technique to collect data from any device establishing a connection on the network, ultimately allowing them to steal login credentials, credit card information, or other sensitive data.

WiFi eavesdropping is just one of the risks associated with public networks; so it is always better to avoid using them. If you really need to use a public WiFi network, be sure to check with an employee to make sure it is genuine and secure.


Basically, cookies are small packets of data that web browsers collect from websites to remember certain browsing information. These data packets are usually stored locally (as text files) on the user's computer, so that the website will recognize it when it returns.

Cookies are useful because they facilitate communication between users and the websites they visit. For example, cookies allow users to stay logged in without having to enter credentials each time they visit a given web page. They can also be used by online stores to record items that customers have previously added to their shopping cart or to monitor their browsing activity.

Because cookies are simple text files, they cannot contain keyloggers or malware, so they are not harmful to your computer. However, cookies can be dangerous in terms of privacy and are often used in HDM attacks.

If bad actors are able to intercept and steal the cookies you use to communicate with websites, they can use this information against you. This is called cookie theft and is often associated with what we call session hijacking.

Successful session hijacking allows an attacker to impersonate the victim and communicate with websites on their behalf. This means that hackers can use the victim's current session to access personal emails or other websites that may contain sensitive data. Session hijacking typically occurs in public WiFi hotspots because they are easier to monitor and much more vulnerable to HDM attacks


How to protect yourself from HDM attacks?

  • Disable any settings that allow your device to automatically connect to available WiFi networks.

  • Turn off file sharing and log out of accounts you don't use.

  • Use password-protected WiFi networks whenever possible. When there is no other choice but to use a public WiFi network, try not to send or access sensitive information.

  • Keep your operating system and antivirus up to date.

  • Avoid any activity related to your finances when using public networks, including cryptocurrency transactions.

  • Use websites that use HTTPS. However, keep in mind that some hackers may also use HTTPS spoofing, so this measure is not completely foolproof.

  • Using a Virtual Private Network (VPN) is always recommended, especially if you need to access sensitive or professional data.

  • Beware of fake WiFi networks. Don't trust the name of WiFi just because it sounds like the name of a nearby store or business. If in doubt, ask a staff member to confirm the authenticity of the network. You can also ask if they have a secure network that you can use.

  • Turn off your WiFi and Bluetooth if you are not using it. Avoid connecting to public networks if you don't really need to.


In conclusion

Cybercriminals are always looking for new ways to access people’s data. It is therefore essential to be informed and remain vigilant. Here we've covered some of the many risks that public WiFi networks can present. But while most of these risks can be avoided simply by using a password-protected connection, it's important to understand how these attacks work in order to avoid becoming the next victim.