School holidays are imminent season and thousands of households will hit the road or pack their passports for some rest and recreation. Most won’t be planning to make their break a digital detox, given research by The Australia Institute in 2016 showed three in five of us check work emails when we’re officially out of office and off on holiday. And separating children and young people from their screens can also be tough and access to WiFi can equate to peace and quiet for mum and dad.
Monthly data allowances on smart phones are unlikely to go the distance when they’re away from the home network and seeking out public WiFi can be an imperative for those who don’t want to rack up big bills.
But while logging on to the free network at your accommodation or in the local café or shopping centre seems like a smart solution, it can also be a way to say goodbye to important private information.
The reason? Hacking WiFi is a relatively easy process and tricking people into connecting to a fake free WiFi network is even easier. The latter is done by setting up what’s known as a fake captive portal that looks like a legitimate free network and may have a similar sounding name but, when you log on, any personal information you submit – think email, banking and social-media passwords – can be intercepted and sold on for profit.
Planning ahead and taking a few simple security measures can reduce the risk of you and your family being “cyber-mugged” these holidays.
Here are some tips for keeping the tribe safe.
Spot the fake
Every WiFi network has a Service Set Identifier (SSID). It’s the technical term for a network name. Alarm bells should ring if you have the option to connect to multiple variations that look almost the same – Fawlty Towers, Faulty Towers and Faulty Tower, say. One is likely to be legitimate; the others probably not.
Confirming which is the real deal can be as simple as checking with staff on the reception desk at your accommodation, or with the proprietor of the café or business supplying the service. It’s also worth enquiring whether they offer an encrypted WiFi network which requires a password to access. If the answer’s “yes”, use that, rather than the insecure “open-to-all-comers” service.
Keep it private
Australia’s privacy laws changed recently and businesses of all sizes now face steep financial penalties if they’re not diligent about protecting their customers’ personal data and taking prompt steps to remedy any suspected breach. To avoid becoming “that person” who accidentally allowed the customer database to become public information, disable the public WiFi log-in on your phone before you check work emails or access company systems, do the needful using your phone’s data allowance and double check you’ve logged out of everything before switching back to the free service.
Bank on it
You should be equally defensive when accessing your own sensitive information. If you do your banking online, doing so via a public network can be the cyber-equivalent of standing in a shopping centre and shouting out your PIN. Taking similar precautions online as you would in real life means confining financial transactions to the security of your phone’s data connection not taking a peek at your balance courtesy of the café WiFi while you wait in line for a latte.
Saving WiFi network names makes it quicker to connect next time you need to go online but this may be a convenience you’re better off doing without, at least when you’re far from home. Clearing saved names from phones and devices and disabling the auto-connect feature means you won’t log on to any dodgy networks you’ve unwittingly visited in the past.
Install a VPN
A Virtual Private Network (VPN) is networking software that enables a mobile device to connect to another secure network via the internet and send and receive data safely. If you regularly use your smartphone to access secure or sensitive information, whether your own or for work purposes, it can be technology that’s well worth investing in.
Mark Sinclair, ANZ Regional Director, WatchGuard Technologies