Hurray! Free Wi-Fi while I wait for my connecting flight...STOP!

  
     
February 15, 2011

What a great deal!  A long layover at an airport, quiet place in the corner to settle in, and your laptop browser indicates not one, not 2, but 3 FREE wireless connections.  Too good to be true?  Well, the web browsing is free, but you may end up paying a price in another way---by giving away  much of the information stored on your computer; pictures, financial records, bank accounts, personal information, everything is fair game.  And that’s because, these free “Wi-Fi hotspots” are not encrypted and are often set up by hackers specifically targeting personal information.  The people who set up these predatory sites need not be sophisticated computer hackers.  The computer hacking tools are available on the web for free and show how to snatch unencrypted information.

So, what can you do?  Encryption of information that you share is key.  Many websites such as your bank use encryption methods to protect your information. You will know if a website is encrypted by the “https” in the web browser (“s” means secure). There will also be a lock icon at the top or bottom of the page.  Look for these encryption indicators during your entire time at a website.  Some websites use encryption for the sign-on page only, leaving your personal information vulnerable during the rest of your time at the site.

OnlineOnguard.gov is a great resource to bookmark on this topic.  It is the Federal Trade Commission’s website that offers tips on guarding against internet fraud, securing your computer, and protecting your personal information.   Here is some important information directly from their website that you can learn and do right now so that you will be surfing the net with confidence, the next time you are traveling-

 When using a Wi-Fi hotspot, only log in or send personal information to websites that you know are fully encrypted. And keep in mind that your entire visit to each site should be encrypted – from the time you log in to the site until you log out. If you think you’re logged in to an encrypted site but find yourself on an unencrypted page, log out right away.

 Don’t stay permanently signed in to accounts. When you’ve finished using an account, log out.

 Do not use the same password on different websites. It could give someone who gains access to one of your accounts access to many of your accounts.

 Many web browsers alert users who try to visit fraudulent websites or download malicious programs. Pay attention to these warnings, and take the extra minute or so to keep your browser and security software up-to-date.

 If you regularly access online accounts through Wi-Fi hotspots, use a virtual private network (VPN). VPNs encrypt traffic between your computer and the internet, even on unsecured networks. You can obtain a personal VPN account from a VPN service provider. In addition, some organizations create VPNs to provide secure, remote access for their employees.

 Some Wi-Fi networks use encryption: WEP and WPA are the most common. WPA encryption protects your information against common hacking programs. WEP may not. If you aren’t certain that you are on a WPA network, use the same precautions as on an unsecured network.

 Installing browser add-ons or plug-ins can help, too. For example, Force-TLS and HTTPS-Everywhere are free Firefox add-ons that force the browser to use encryption on popular websites that usually aren't encrypted. They don’t protect you on all websites – look for https in the URL and the lock icon to know a site is secure.         


Also, National Consumer Protection Week is March 6-12.  In its 13th year, the goal of NCPW is to bring together government and non-profit organizations in order to help consumers learn how to protect their privacy, manage their money, decipher advertising messages, and steer clear of fraud and scams.  Visit www.ncpw.gov for details and free materials, including a toolkit and outreach ideas.