Travelers use a charging station for their devices at McCarran International Airport in Las Vegas. Experts say to protect your data in public places confirm that a given Wi-Fi link is legitimate before connecting to it.
Travelers use a charging station for their devices at McCarran International Airport in Las Vegas. Experts say to protect your data in public places confirm that a given Wi-Fi link is legitimate before connecting to it.Associated Press file

“I am very careful with my credit cards, and this was a card that I used very rarely,” Harrison said. “So I believe there is a high chance that’s how my information got stolen.”

Although it may be convenient to use free, public, unsecured Wi-Fi – such as those found in some hotels, airports and coffee shops – these networks are the least secure. Criminals have been using them to easily steal your information, potentially hijacking your device and possibly your life through these unprotected networks.

And these criminals are employing hard-to-notice tactics, such as sniffers and official-looking network names, to accomplish all of this.

“Gone are the days where you would have to be a computer engineer to hack into people’s devices via Wi-Fi,” says Ryan Wright, an associate professor of information systems at the Isenberg School of Management at the University of Massachusetts at Amherst. “Now, any semi-tech-savvy person can download an application and track any unencrypted traffic on the Wi-Fi connection.”

Good-guy IT security professionals have been using sniffers, software that read wireless data as it travels through the air, to determine the security of a network. But bad guys have been using them to see your data as it travels from your device to the router communicating the wireless internet signal.

And sniffers are hard to detect.

“Think of wireless networks as the old-style party phones where anyone can pick up their phone and listen to other people’s conversations,” Wright says. “The only way you would know if someone else was listening on the party line was to hear them make an inadvertent sound. Sniffers work under a similar principle. They listen to the traffic but rarely, if ever, generate any traffic on the network.”

Another way hackers can get your information while you’re traveling is by setting up a legitimate-looking Wi-Fi connection, which experts say are typically named something like “Free Wi-Fi” or “Public Wi-Fi.” An unsuspecting customer at, say, a coffee shop will then connect to the hacker’s “Free Wi-Fi” network, unknowingly giving the hacker his or her information. Criminals have also used default router names such as “Netgear” to trick people into trying to find free Wi-Fi.

And if the customer has enabled sharing of folders, hackers can directly steal files and folders. The hackers also could spoof legitimate websites with hopes that people will provide a username and password.

“When someone uses a spoofed Wi-Fi connection, hackers can then replace requests for legitimate websites with spoofed websites designed to steal usernames and passwords,” Wright says. “For example, if I access a spoofed Wi-Fi connection and go to American Express, the hackers would send me a fake website instead with the hopes that I enter in my username and password.”

All of this allows the hacker to just sit back and collect information that is garnered when people surf the web.

Protect your data

To guard your data against people who are up to “no good” while you are on the road, here are some do’s and don’ts from Robert Siciliano, identity theft expert with
BestIDTheftCompanys.com
.
Don’ts
Don’t leave your spot without your device on you – not even for a moment. You may come back and still see your computer where you left it, but a thief may have installed a key logger in it to capture your keystrokes.
Don’t email messages of a sensitive or serious nature.
When your computer begins seeking out a network to connect to, do not let it just drift to the first one it wants. See if you can choose one.
Don’t leave your file sharing on.
If you’re not using your wireless card, then don’t leave it on. Shutting down your wireless card on your device prevents your device from searching for and connecting to just any Wi-Fi. Many devices automatically connect to known and “trusted” Wi-Fi that may, in fact, be vulnerable to attack. Turning off the Wi-Fi card prevents your device from automatically connecting to potentially compromised networks.
Don’t do banking or any other sensitive activities.
Don’t position your device so that someone nearby can see the screen.
Do’s
Look around before you settle into a nice spot.
Sit somewhere so that your back is facing a wall.
Assume all Wi-Fi links are suspicious.
See if you can confirm that a given Wi-Fi link is legitimate.
Assume that if the connection name is similar to the Wi-Fi spot, that this could mean that the hacker was clever. Inquire of the manager of the coffee shop, hotel, etc., for information about their Wi-Fi access point.
You should consider using your cellphone for sensitive activities such as online shopping.
But cellphone or not, see whether you can avoid visiting sites that can make it easier for hackers to nab your data – sites such as those related to banking or social media and any site on which your credit card information is stored.
Use a VPN, or virtual private network. A VPN creates an impervious tunnel through which your data travels. The tunnel encrypts all of your banking, email and other sensitive transactions, as well as downloads, so that you won’t have to worry about a thief or snoop intercepting your transmissions.
Washington Post