For remote workers who love traveling or coffee shop enthusiasts, a public Wi-Fi network can be incredibly useful. Sure, you can always turn on your phone's hotspot and browse using mobile data, but this is only feasible to a point. Even with Data Saver mode on, working professionals will quickly exhaust their allotted data, and casual users won't be able to rely solely on cellular data for long. This makes a public network appealing for staying connected to the internet without incurring extra charges.
However, this convenience can come at a major cost. Becoming too complacent with using public Wi-Fi wherever you go can put both your data and privacy at severe risk. Man-in-the-middle (MITM) attacks, perpetuated by hackers, can help them gain access to your sensitive information, which can have dire repercussions. If you want to avoid such incidents on public networks, you need to stay alert while browsing the web and restrict your online activities to keep yourself and your data safe.
1. Use Your Banking App or Access Financial Services
Banking apps have made financial management incredibly convenient for internet-savvy users. Gone are the days when you needed to physically visit banks and fill out cumbersome paperwork. A few swipes, taps, and ID verifications are all it takes to pay bills, initiate money transfers, and view bank statements. As useful as online banking may be, we strongly suggest that you access these apps either on your mobile data or a private, secure Wi-Fi connection.
On public networks, there's a significantly higher chance of an MITM attack revealing any interactions you're making with your app. Your PINs, passwords, and transaction records become vulnerable to a hacker if they manage to exploit the security weaknesses of a public Wi-Fi connection. Even your crypto wallet isn't safe, as experienced by one unfortunate traveler who lost $5,000 in crypto while accessing these finances on his hotel's public network. While you don't necessarily need to avoid hotel Wi-Fi entirely, refrain from using banking or crypto apps and take other precautions mentioned in this article.
2. Keep Auto-Connect Enabled
For the most part, your device's auto-connect feature is quite convenient in the comfort of your home. It eliminates the need to manually select your preferred network and helps save mobile data without having to remember to connect to your Wi-Fi every single day. However, one crucial thing to remember about auto-connect is that it's often enabled by default whenever you log in to a Wi-Fi network. While this isn't an issue for home networks, make sure to uncheck this option whenever you're tapping into a public Wi-Fi connection. Even if you forget initially, you can always go into your Wi-Fi settings and disable auto-connect for the specific public network.
This prevents you from making one of the most common Wi-Fi mistakes and unwittingly connecting to an unsecured public connection repeatedly, just because you used it for a few minutes once. It's entirely possible that a public network you've connected to previously was secure back then but has since become compromised. Without your knowledge, you may give hackers easy backdoor access into your device if it auto-connects to what could be a malicious network.
3. Shop on Online Platforms
Online shopping is another area where an MITM attack can be very damaging. Hackers frequently exploit vulnerabilities in public Wi-Fi connections for these types of attacks. Using a public network while shopping online simply adds to the list of mistakes everyone makes when shopping on platforms like Amazon.
You're relaying a lot of sensitive information to your shopping app, such as your email ID and password. Along with this, any saved credit cards and financial details you've entered in the app are also at risk. If hackers intercept this data, your bank balance could become considerably lighter in no time.
Resist the urge to shop for just a few hours until you can use your private home Wi-Fi, or simply use your mobile network if you absolutely must buy something instantly. Cellular data is generally more secure than public Wi-Fi because it's not an open network. Even using a mobile hotspot with a strong password will help you avoid the hassles of dealing with public Wi-Fi and its numerous security issues.
4. Allow Random People to Send Files to Your Device
The magic of technology now allows for seamless file transfer over the same Wi-Fi network. AirDrop is a notable example, a convenient perk of the Apple ecosystem. While iOS updates have brought features like one-time codes for AirDrop to enhance usefulness, file sharing is also possible on Windows (settings found in the Network & internet section). However, as useful as this feature may be, do not become complacent about leaving it on when you're connected to a public network.
There's a reason why Windows has separate sections for private and public networks in 'Advanced sharing settings.' Giving random people permission to send files to your device can be even worse than an MITM attack. Beyond data interception, malicious files sent to your device can infect it with viruses and malware, putting all your data at risk. Avoid the headache of wiping corrupted drives by changing your settings to prevent file transfer on unsecured public networks.
On Windows, turn off "File and printer sharing" in "Advanced sharing settings" after clicking on "Advanced network settings." Meanwhile, on macOS, go to Sharing in the General section of System Settings and disable everything. As a final touch, make sure to choose "no one" in the "Allow me to be discovered by" drop-down menu of your AirDrop settings. If you have an iOS device, you can quickly disable AirDrop from the Control Center.
5. Surf the Web on Outdated Software
There's a critical reason why updates are so important for your operating system. While software optimizations and new features are beneficial, enhanced security protocols do most of the heavy lifting. These patches go a long way in preventing any vulnerabilities in your device from being exploited by shady programs. As demonstrated by Samsung's urgent security patch release in 2025 due to a firmware vulnerability, it truly is that serious.
If you decide to use outdated software to browse the web, you're already putting your device at risk. This becomes exponentially worse on public networks, which are inherently riddled with security concerns. Do yourself a favor and download the latest OS updates first before you decide to doomscroll social media. On the same note, it's also recommended that you update your apps. An outdated OS puts your entire system at risk, but using an app in dire need of an update can spell trouble too. Their security flaws can make it easy for bad actors to attack your system and steal personal data.
6. Browse Without a VPN
Many people still haven't entered the Virtual Private Network (VPN) ecosystem. While paying for a subscription to hide your data might seem unnecessary, the benefits of a VPN are so numerous that your costs will be recouped in no time. In fact, VPNs are recommended for both public and private networks, as they safeguard your privacy and help protect your data from being farmed by nefarious organizations and sold to the highest bidder.
Since most public Wi-Fi owners can see what you're doing online, a VPN can be incredibly helpful in such a situation. Of course, simply subscribing to this service doesn't mean you can do whatever you want on a public network. There's a common misconception that VPNs are solely a security tool – rather, they're primarily a privacy tool that disguises your digital fingerprint. If you don't want anyone else on the public network to see what you're doing online, use a Virtual Private Network to spoof an IP address and fool any would-be attackers. It's one of the most clever ways to use a VPN and makes public Wi-Fi networks feasible... for the most part.
7. Carelessly Connect to the Wrong Wi-Fi
A huge reason why public Wi-Fi networks are such major security risks is that hackers love to confuse users by spoofing networks that seem similar to legitimate ones. Cafes, hotels, and airports are among the most popular places to connect to public Wi-Fi, and they are also common areas where people have their information compromised. These hotspots serve as an easy place for hackers to set up a fake public Wi-Fi access point that unsuspecting users connect to, leaving them vulnerable to MITM attacks that can steal anything from their login credentials to their banking details.
This network spoofing has become so prevalent that it's now known as an 'evil twin attack.' It basically consists of a public network named very similarly to a legitimate public network in the same area. The goal is to get unsuspecting users to connect to the wrong network, then steal their information. This scheme has already claimed several victims, often leading to hundreds (or more) dollars in damages and untold stress. All of this makes it clear that you should definitely double-check a public Wi-Fi connection to see if it's the real deal before you even proceed to do anything remotely confidential on it.
8. Check and Input Your Personal Details
Using your personal information on digital channels can be far scarier than you'd expect, especially on a public connection. By this point, you're probably familiar with how MITM attacks work, intercepting sensitive data as it moves from a user to a service, like a shopping or social media site. Hackers who pull off an MITM attack will target your personal information and will steal it almost immediately the moment you decide to input anything sensitive into your favorite apps and websites. The common bad habit of using the same password on multiple accounts for convenience only makes this problem worse, because once a hacker has your credentials for one site, they can use them anywhere else that you're using them.
In fact, even checking any private information, including but not limited to your bank records and emails, can make it easy for hackers to appropriate this information and make your life miserable. It's wiser to be prudent and avoid accessing or inputting any sensitive data when using a public network. As mentioned before, your mobile internet and its hotspot are far more secure (though not perfect) for browsing the web if you're not at home.
9. Work and Use Your Company's Tools
Remote workers who enjoy traveling or working from coffee shops are probably used to connecting to public networks. As convenient as it may be to preserve your mobile data and employ a myriad of work-related tools on these networks, do not get too comfortable in this regard. We've spoken extensively about the security vulnerabilities of public networks at this point, and it's entirely possible that you aren't just putting your own data at risk, but your company's as well.
Seriously, just use a mobile hotspot or stay home and use a company VPN to get your work done. It's far more secure, and the extra hassle the setup might present is nothing compared to the potentially enormous cost if your actions leave your company vulnerable to a cyberattack. No matter what your status with your company is, putting their data at risk is a very bad idea, and a very real concern when using a public Wi-Fi connection for work.
10. Log In to Social Media
Many people spend hours on social media every day, so it's only natural that you might want to open your Instagram or Facebook and check the latest updates from your friends and favorite celebrities, even if you're out and about. However, this is yet another risky action to take on a public network. People are very protective about their social media profiles, and the last thing they want is for a hacker to go berserk and send all manner of questionable messages to their friend network.
It's an even bigger problem if you're inputting your password, email, or other relevant information on a social media app. A cyberattack will compromise all this information in no time and leave you scrambling to change all your login details once you discover that you've been hacked. Every week seems to bring a new story about a hacking victim, and you definitely don't want to be next. Given how problematic social media already is, use this as an excuse to stay logged off when you're not at home.
11. Use a Device Without Antivirus Software or a Firewall
Using a system that doesn't have any antivirus, firewall, or other online safeguards is a strict no-no. Even if you're connected to a private network, that doesn't mean you can disregard these basic safety measures while browsing the web. Hackers will find it far easier to compromise your device without this basic level of protection, allowing viruses and malware to infect your system and leave all your data at risk in no time.
It goes without saying that all these problems are exacerbated on public Wi-Fi. Don't even think about browsing the web on these networks without proper protection, since you might as well broadcast all your personal information yourself. Defender and XProtect are pretty competent on Windows and macOS, respectively, although you might have to tweak some settings on the former to stay as safe as possible. Aside from this, you can download third-party antivirus software, like Norton and Malwarebytes, for a greater degree of protection. When it comes to firewalls, these protocols are often set up properly from the get-go and shouldn't require extensive user intervention. Still, for your peace of mind – especially if you have no choice but to connect to public Wi-Fi – you might want to familiarize yourself with basic firewall settings to ensure you're getting the ironclad protection you need.