We’ve mentioned many times that you are facing a risk of being spied on when using a public wireless network or if you don’t encrypt your wireless network at home. People with a certain basic knowledge and the respective bad intention can actually see quite a lot of what you are doing and even spy out your login information and passwords. But what exactly is it that hackers can see? Read on to find out where you should be careful and when are you safe.
1. Websites you are visiting
When browsing the Internet, the communication between you and the web server is split up in many small data packages. On an unencrypted network these packages can be intercept very easily. One of the most basic information in the intercepted packages is which websites you are visiting and what you are looking at on those websites. Someone with access to the same network as you can follow your movement on the Internet in real time.
The good news is that you don’t have to worry about this when you are accessing secure and encrypted websites using the https protocol. Online banks, PayPal, and some webmail interfaces are using this method for your protection. NEVER enter personal data or even credit card information on a website that runs over a mere http connection!
You should also be careful with services such as Gmail that don’t operate over an encrypted connection by default. In many cases you can fix this by simply adding an “s” after the http in the address line. Consider changing your email provider if your current service doesn’t allow you to access your webmail over a secured https connection.
2. Emails you send and receive
Apart from the emails you send over an unencrypted webmail interface, email communication using Outlook or other email clients is also prone to eavedroppers. Again, the default protocols (POP or IMAP) do not provide for an encrypted connection. Anything you send or receive that way can easily be read by third parties. Furthermore, hackers can intercept your login information and access your emails at any time until you change your password.
To prevent this from happening, you need to change the settings of your POP or IMAP servers to an encrypted connection. Read our post Send Your Emails Over an Encrypted Connection in Outlook to learn how to do that.
3. Files you send over the network
Similar to the way hackers can determine which sites you’ve visited or what you write in your emails, they can also intercept files you send and receive over an open wireless network. Be it through the Windows filesharing system or by using other unencrypted protocols, if you don’t encrypt your wireless network, chances are your files are being captured. This can becomes especially dangerous when these files contain critical information such as your bank account or other personal data. A good example is an invoice or pdf copy of a bill.
4. FTP logins and files
FTP stands for file transfer protocol and is not encrypted either. As a consequence, people can steal your credentials and capture the files you send over FTP just like they can with emails and standard http communication.
5. Instant Messaging Communication
Per default, messaging communication such as MSN, Yahoo, Google Chat, or AIM are not encrypted. This means that someone in the same network as you can read your conversation just as if he was part of it. While there are tools that allow you to encrypt your instant messages, these tools are not very user-friendly and require implementation on both sides. In any event, you should never send confidential or critical information over an instant messaging system.
What can you do to protect yourself?
The most important thing for you to do is to make sure your wireless network at home is encrypted using WPA or WPA2. That way, nobody can intercept your data packages when you are using the Internet at home. Read How to Set your Wireless Router to Use WPA Encryption for a short description on how to do that.
It is also critical to never give out personal information on the Internet unless you know the website and it is being done on an encrypted https connection. Files should not be sent over FTP but rather through a secure web interface or encrypted email connection.
To be on the absolute safe side, you may also consider using an encrypted VPN connection. That way, your communication is always completely secured, even in open public wireless networks. A great VPN tool allowing you to do just that is Steganos Internet Anonym VPN, which is sold for $99.99 on their website.
Finally, use secure passwords for the things you do online. Have a look at our post How to Choose Secure Passwords? to learn more about that topic.
Loading ...
I recently saw an expose; http://news.bbc.co.uk/1/hi/sci/tech/8332689.stm?ls. Which seems to show what can happen at a public wifi site. I assume this was using a browser email account, I may be wrong, and if so these are usually using the browser encryption. The question is what can be done these days in terms of hacking by someone who is very capable.