When we’re away from home, joining a public Wi-Fi network can be a convenient way to be online when we don’t have good service or want to cut down on data usage.
But should you buy stuff while using these public networks?
In many cases, you should be fine. As the Federal Trade Commission explains, “Today, most websites do use encryption to protect your information. Because of the widespread use of encryption, connecting through a public Wi-Fi network is usually safe.”
But sometimes these free Wi-Fi hotspots do get compromised by malware infection, fraudulent networks that have legitimate-sounding Wi-Fi names and man-in-the-middle cyberattacks.
“Public Wi-Fi networks often lack robust security measures, which makes them attractive targets for hackers who can intercept sensitive data, such as credit card information,” said Michael Jabbara, the vice president and global head of fraud services for Visa.
Amy Nofziger, the director of fraud victim support with AARP, said she’s experienced this kind of cyberattack firsthand. When she was on vacation in Las Vegas, she needed to pay a bag fee for her upcoming flight, and she entered her credit card information on the free Wi-Fi at the hotel.
“Within 20 minutes, I started to get emails and calls from my credit card company alerting to charges being made on my card in others states. That’s how quickly it can happen,” she said.
Luckily, there’s a simple way you can double-check that your online behavior is encrypted ? and you should do it any time you use public Wi-Fi. Here’s what to know:
Check the URL of the site you’re visiting to make sure it’s secure.
Before you buy anything online, the most important step you can take to ensure that the website you are using is secure is to check that the URL begins with https://. The “s” stands for secure, and there is typically a padlock icon in the address bar.
Under this encryption, people who are logged in with you on the public Wi-Fi cannot see the contents of your communication, explained Eva Galperin, the director of cybersecurity at the Electronic Frontier Foundation.
“They can see that you are going to this website, but they don’t know what page you’re going to and they can’t see what you’re typing in,” Galperin said.
The HTTPS (hypertext transfer protocol secure) ensures that the data going from your device to the website you’re visiting is encrypted. As long as your website URL begins with “https,” Galperin said, you should be fine to make online purchases.
If you want to make sure that you’re strictly only using these websites, Galperin recommended making it the default in your browser. On Safari, using an HTTPS URL is already the default. On Chrome, you can do this by going to Settings, selecting Privacy and Security, then Security, then toggling on the option for “Always use secure connections.” On Firefox, you can do this by going to Settings, then Privacy and Security and selecting Security. Then scroll to the “Always use secure connections” option.
Using a VPN or mobile data instead of public Wi-Fi can also enhance security.
In addition to checking for the HTTPS, you can always go one step further and use your mobile data over public Wi-Fi if you need to make a purchase, which is what Jabbara and Nofziger both advise over using public Wi-Fi for purchases.
“Using your cell service is typically safer than using public Wi-Fi for transactions, as it’s more difficult for hackers to intercept data over cellular networks,” Jabbara said. “The best course of action is to wait to use a secure network, but using mobile data is a great second option.”
If you want to enhance your security, one of the most effective measures is to use a virtual private network (VPN). A VPN “encrypts your data and makes it much more difficult for anyone to intercept and read your information,” Jabbara said.
And be mindful of what seems too good to be true. If a network lets you log on without entering a password or the network has a generic-sounding name like “Free Public Wi-Fi,” Nofziger said those are warning signs that the hotspot could be compromised.
Ultimately, you don’t have to stop yourself from ever using public Wi-Fi ? just make sure that what you are visiting is encrypted and secure.
“While it’s not necessary to completely avoid buying anything while on public Wi-Fi, it’s important to be aware of the risks and take appropriate precautions, like checking to see if the URL is safe or using a VPN,” Jabbara said.