As Wi-Fi networks in public places do not commonly require a password to authenticate, anyone can gain access to these networks with the ease.

As individuals are connecting to these Access Points to obtain internet access, a resource many of us rely on, accidentally connecting to a malicious actor’s spoofed access point becomes much more likely event.

A malicious actor can use a technique known as ARP spoofing, this attack can be used to impersonate a network that people can connect to. Once an individual is connected, the malicious actors will be able to view traffic that is being sent to the fake router using penetration testing tools. This results in all the content that is being sent from the device to the access point to be viewed by the malicious actor, including passwords, bank account details.

To reduce the risk of sensitive information being compromised when utilising public Wi-Fi, it is imperative that no websites that contain sensitive information (i.e. bank accounts, e-mails, company sensitive websites) are visited. If you need to utilise the internet to perform specific activities, you should you should tether to your phone and use the cellular data.

If it is necessary to connect to a Public Wi-Fi to perform sensitive activities, a Virtual Private Network (VPN) must be used. A VPN sends your data through an encrypted tunnel that largely blocks the data being sent resulting in the malicious actor only being able to see encrypted data.

Another method to prevent this threat is to download anti-virus software attempts to detect if you are being attacked by ARP Spoofing. However, the malicious actor may be able to circumvent this type of protection and therefore must be combined with other techniques mentioned in this article.