Article Read Time
Every free public wi-fi connection comes with a cost you cannot see on the terms-of-service screen.
Last month, a county clerk in eastern Kentucky stopped at a coffee shop between meetings and logged into the office email over the shop’s public wi-fi. Nothing seemed wrong. Two weeks later, her office discovered that someone had intercepted her login credentials and used them to request a fraudulent wire transfer from the county’s general fund. The transfer failed only because a bank teller thought the amount looked odd and called to confirm. That clerk did nothing reckless. She did what millions of people do every day. She connected to public wi-fi.
This piece is about why that everyday habit carries real risk, and what you can do to protect yourself when you have no other choice.
What Makes Public Wi-Fi Dangerous
A public wi-fi network is, by design, open. That openness is the problem. When you connect to a network at a hotel lobby, an airport, a library, or a fast food restaurant, you are sharing that connection with every other device in range. Most of those networks do not encrypt the data traveling between your device and the router. That means someone sitting three tables away, using free software anyone can download, may be able to see what you are sending and receiving.
The most common threat is called a “man-in-the-middle” attack. Think of it this way: you believe you are talking directly to your bank’s website, but someone has quietly stepped between you and the bank, reading every word in both directions. The attacker can capture passwords, account numbers, and personal details without you ever knowing.
There is a second risk that is even simpler. An attacker can set up a fake network with a name that appears legitimate, such as “Airport_Free_WiFi” or “CoffeeShop_Guest.” Your phone or laptop connects, trusting the name, and now all of your traffic flows through a device the attacker controls. This is called an “evil twin” attack, and it requires no special skill to pull off.
A third concern is what security professionals call “packet sniffing,” which means using a program to capture and read the data packets moving across a network. On an unencrypted public wi-fi network, those packets are available to anyone who cares to look.
None of this requires a criminal mastermind. The tools are free. The tutorials are on YouTube. The targets are everywhere.
How to Protect Yourself on Public Wi-Fi
The safest advice is the simplest: avoid public Wi-Fi whenever possible. Use your phone’s cellular data or a personal hotspot instead. Cellular connections are encrypted by default, making them far harder to intercept. If your phone plan allows it, tethering your laptop to your phone’s connection is the single best alternative.
When you must use public wi-fi, these steps reduce your exposure:
Use a VPN. A virtual private network, or VPN, creates an encrypted tunnel between your device and a secure server. Even if someone intercepts your traffic on the public network, they see only scrambled data. Choose a reputable, paid VPN provider. Free VPNs often make their money by collecting and selling the very data you are trying to protect. Commonwealth Sentinel can help organizations choose and configure a VPN that fits their needs, though there are solid consumer options available as well.
Verify the network name. Before you connect, ask a staff member for the exact name of the network. Do not assume. If you see two networks with similar names, that is a red flag.
Stick to HTTPS websites. Look for the padlock icon in your browser’s address bar. HTTPS means the connection between your browser and that specific website is encrypted. It is not a complete solution, but it adds a meaningful layer of protection. Most modern browsers will warn you if a site is not using HTTPS. Pay attention to those warnings.
Turn off auto-connect. Most phones and laptops are set to automatically rejoin known networks. That means your device may connect to a malicious network without asking you first, simply because it has a familiar name. Go into your settings and disable auto-connect for public networks.
Forget the network when you leave. After you disconnect, tell your device to forget that network entirely. This prevents it from reconnecting the next time you are in range.
Do not access sensitive accounts. If you are on public Wi-Fi without a VPN, do not log in to your bank, email, payroll system, or anything that stores personal or financial data. Check the news or the weather. Save the banking for a secure connection.
Keep your software updated. Security patches close the holes that attackers use to get into your device once they are on the same network. An outdated operating system or browser is an unlocked window.
The Bigger Picture
Public wi-fi is not going away. Coffee shops, airports, libraries, and courthouses will continue to offer it because people expect it. The goal is not to avoid it forever. The goal is to understand what you are walking into and to take a few small steps that make a real difference.
The clerk in eastern Kentucky was not careless. She was busy doing her job in a world that treats public Wi-Fi as though it were as safe as tap water. It is not. But with a few plain precautions, it does not have to be a trap either.
Commonwealth Sentinel exists for moments like these. We help local governments, small businesses, and nonprofits across the Commonwealth build the kind of everyday cyber security habits that keep people and data safe. Not with scare tactics. Not with a sales pitch. With plain advice, honest assessments, and the kind of partnership that starts with a conversation.
If your organization could use a second set of eyes on its security practices, we would welcome the chance to sit down with you. Contact us or call us at 502-234-5554. That first conversation costs nothing, and it might be the most useful hour you spend this month.
At Commonwealth Sentinel, we stay focused on cyber security so you can focus on other things!