Free WiFi & charging stations can cost you more than you think

We’ve all been there: away from our usual routine, perhaps traveling for work or pleasure, and suddenly, our phone battery is in the red, or we can’t find a signal when we desperately need to check something online. Luckily, public Wi-Fi hotspots and charging stations seem to be everywhere these days, offering a convenient lifeline — but it’s worth understanding the potential security risks involved before you plug in or connect.

Public WiFi

Public Wi-Fi networks offer convenience, but they pose security risks that you should be aware of.

• Lack of encryption and authentication: Many free WiFi networks, especially those found in public places like cafes or airports, offer little to no encryption or authentication. This means that data transmitted over the network is often unencrypted, making it easy for anyone on the same network with malicious intent to intercept and read sensitive information.
• Adversary-in-the-Middle (AitM) attacks: A hacker can set up a rogue access point that mimics a legitimate free WiFi network. When users connect to this fake network, all their internet traffic passes through the hacker’s device. The hacker can then snoop on their activities, inject malware, or redirect them to malicious websites without their knowledge.
• Malware distribution: Cybercriminals use unsecured free WiFi networks to distribute malware. By compromising a router or setting up a fake network, they can inject malicious code into unencrypted websites or downloads, infecting users’ devices with viruses, ransomware, or spyware. This can lead to data theft, system damage, or further exploitation.

With “evil twin” networks, cybercriminals set up a fake WiFi hotspot with the same name as a legitimate network in popular, high-traffic areas like airports, coffee shops, or convention centers. Since many devices are configured to automatically connect to a known WiFi network, travelers may connect to an “evil twin” network without even noticing.

The best way to protect yourself is to avoid open public WiFi, using your cell data as a hotspot or a secured network as much as possible.

Public charging stations

Few things inspire anxiety when traveling like a rapidly declining cell phone or laptop battery. Not only do we need those devices for business and personal communication, we probably depend on them to manage our itineraries, airline tickets, and ride share once we arrive. Simply put, having a dead cellphone anytime, but especially when traveling, is a big hassle.

• Juice jacking: Unlike standard electrical outlets, USB ports are designed to carry both power and data. A compromised public USB charging station can be modified by a malicious actor to steal data from your device (like photos, contacts, or even financial information) or to install malware, spyware, or ransomware.
• Rogue chargers and cables: It’s not just the ports themselves that can be compromised. Criminals might leave behind seemingly innocent charging cables that are actually designed to infect your device or steal data. These rogue cables can look identical to regular ones but contain hidden components that facilitate the attack.

The best way to protect yourself is to plug into a standard electrical wall outlet with your own trusted power adapter and charging cable, or to carry your own portable battery that you’ve charged at home before you travel.