Month: November 2017

Start taking your online privacy seriously in the face of ever-tightening internet regulation.

These days, the best VPNs have made the transition from a ‘nice thing to have’ to a ‘must-have’ for many folks who are online. And that’s mainly because of concerns around online privacy, and regulations like the Regulation of Investigatory Powers Act (RIPA) in the UK, or the legislation passed in the US that allows ISPs to sell user data. 

It’s not just Big Brother you need to worry about either. Big Tech like social media and search engines are frequently in the news for tracing user’s IP address and personal data, sometimes to serve up personalised ads and at other times to sell it on to third parties. 

In short, there are a number of compelling reasons why you should start using a VPN, and we’ve rounded up 10 good ones here.

1. Secure messaging

Online communications have evolved from simple text-based emails to robust cross-platform messaging services – including WhatsApp, Skype and Snapchat to name a few of the more popular ones. 

Some messaging apps such as Whatsapp use end-to-end encryption, whereby your encryption keys never leave the devices of the people who are communicating. If set up correctly, this means that not even Meta, the owners of Whatsapp can read the messages you send and receive. This is true whether or not you use a VPN.

Sadly, some popular messaging apps don’t use end-to-end encryption or at least not fully. For instance, Snapchat encrypts ‘snaps’ but not text messages between users.

If you use a VPN with these apps, all your connection data between your device and the VPN server is encrypted. This means that anyone with access to your ISP’s records wouldn’t be able to intercept and read your messages.

This won’t protect you however if someone hacks into the messaging server for your chosen app, as they could get a copy of the messages on there. Stay safe by both subscribing to a reliable VPN Provider and use a free and open source app like Signal Messenger which does have end-to-end encryption for all types of communication. 

2. VoIP

VoIP stands for Voice over Internet Protocol. This is the revolutionary advance that enabled digital voice communications at a lower cost than traditional phone lines by routing calls through the internet.

The downside is that now instead of tapping individual subscriber lines, VoIP calls can be acquired and analyzed in bulk. By sending these calls through a VPN, they are encrypted, and therefore require serious decryption skills to gain access to the call, making things much harder for any snoops monitoring your connection in real time. (As with messaging apps, remember that your server could be compromised so try to find a VOIP provider that encrypts calls such as Zoom).

Even if your VOIP calls are encrypted, remember that snoopers may also try to track you through your provider’s metadata such as the IP address you were using when you placed your VOIP call. Using a VPN routes all your traffic through your provider’s server, so a bad actor would see the server’s IP address in this case, not yours. 

3. Online gaming

Using a VPN to play an online game might seem like a poor idea on the face of it, as it could reduce your connection speed but it does offer some advantages. 

Additionally, a VPN can be used to overcome geo-blocking restrictions, so for example, an American can continue to play a US-based game while traveling overseas. 

In some cases, using a VPN will actually offer faster connection speeds as it could avoid your ISP using “throttling” or “bandwidth shaping” to deliberately slow down traffic from gaming servers. You also may be able to connect to a VPN server which is closer to your gaming server (which you might not have even been able to access without a VPN).

Through hiding your IP address via your VPN you make your home connection less easy for hackers to target.  A VPN can increase your level of protection against DDoS attacks for instance – not that these are common, but gaming rivals with a serious grudge could decide to attempt to target your connection and bog it right down, lagging you out of the game. A nasty prospect indeed. Still, if they did this whilst you’re using a VPN, it would be your provider’s servers they target, not your home computer.  

4. Avoiding government censorship

In some countries the internet is highly censored by oppressive governments. This hampers efforts to communicate outside of the regime, and prevents access to sites that we all take for granted.

Obviously enough, when you’re travelling to such a country, you will also be subject to this online censorship – so a VPN could be a necessity if you want to freely surf the web and communicate with the rest of the world.

Some countries are aware of this and go to great lengths to detect VPNs in use, such as through using Deep Packet Inspection (DPI). If this is a concern for you, some VPN providers use obfuscation technology to try to disguise the fact you’re using one in the first place.  

5. Secure public Wi-Fi

When out and about, staying connected is often a necessity, and free Wi-Fi has become an important commodity for staying in touch with family members, as well as business colleagues. The added bonus is that using Wi-Fi won’t chew through your smartphone data plan.

However, using public Wi-Fi can also be fraught with hazards. In the first place, any websites you access or data you enter without using SSL/TLS will be readable to other devices also connected to the public Wi-Fi network. Bad actors can also use “SSL Stripping” to try to force your computer or mobile device to use unencrypted versions of websites. 

Assuming you encrypt your data, bad actors can also use DNS ‘poisoning’ to redirect you to fake ‘phishing’ websites to fool you into entering sensitive personal data like passwords.  

Some cybercriminals even deliberately set up fake ‘honeypot’ Wi-Fi connections, which resemble legitimate public Wi-Fi hotspots but are designed to redirect you to phishing sites or malware.

The good news is that a VPN with a modern encryption protocol can help protect you and your precious data from these types of attacks. Although it won’t stop you from installing malware or entering personal data, most reputable providers use their own DNS servers to protect you from being redirected to the wrong page in the first place. Bad actors monitoring your connection on the same public Wi-Fi network would also only see encrypted data, not which specific sites you’re visiting or apps you’re using. 

6. Location-based price targeting

Businesses not only target their ads at customers, but they also adjust their pricing as well. We can (mostly) accept the fact that a supermarket chain may adjust the price of a certain item at different locations due to ‘local competition’. However, this sort of practice gets more painful when it occurs over the internet, as in essence it should be a level playing field.

Well, a VPN can even those odds right up. By being able to choose the VPN server’s location, you can change where the online shopping site will think that you are, and therefore benefit from the best price, as opposed to the one you’d have got from your real-world location.

Some VPN providers make this easier than others by offering easy to use “client” software for devices so you can switch servers with just a few taps or clicks. Take some time to read our guide on how to change location and IP address with a VPN to start saving now. 

7. Bypass restrictions

Using a computer at certain locations, such as a school or library, will not offer the full internet, but rather a filtered, partially censored version. While in some cases this works for the protection of users, in other cases it can be frustrating when trying to look into a blocked topic.

For example, in one case a user was researching the topic of ‘breast cancer’ for informational purposes, and was blocked from doing so as the word ‘breast’ was on the restricted list to protect users from pornography. 

When you establish a VPN connection, you’re connecting to the Internet via a special VPN server. This means that you can access exactly the same websites as the server, not just those that your particular school or organisation want you to see.

If your organisation’s network also blocks certain protocols e.g. downloads via P2P software, you can also use a VPN to get round this : as your traffic’s sent down an encrypted ‘tunnel’ their servers won’t know which particular software you’re using.   

8. Help stop Google tracking

There are times when the ‘Do no evil’ company, Google, seriously starts to resemble ‘Big Brother’ as it seeks to track what every user does online, including searching their Gmail accounts to better target ads – although the firm has promised to stop this practice. Although Gmail aside, Google has plenty of mined data from other sources; it is a search engine giant, after all.

The firm has faced fines in the past for gathering personal data without permission or using it in ways that weren’t made clear to end users.

A VPN allows the user to stop Google from being the ‘camel that sticks its nose under the tent,’ and to take back control of their privacy. 

Without a VPN, users are literally tracked in just about everything they do online with Google’s suite of products from email, search, to G Suite apps, and when using the popular Chrome browser, among other considerations.

Using a VPN will conceal your IP address to stop Google from tracking where you are all the time. If you use Android, consider also turning off Google’s location services on your devices. 

Reduce the chance of seeing annoying ads by using an ad-blocker and make sure to set your browser to “Do Not Track.” You should also consider switching from Google to a more privacy conscious search engine like DuckDuckGo. 

9. Research without a trace

There are times when some research needs to be done without tipping your hand. For example, if one company wants to look at the available jobs or policies at a competitor, it would be ideal to do this without revealing their IP address, especially if this is done from the workplace.

This is especially important if you’re not using your home internet connection, as otherwise whoever manages the network e.g. in your office can monitor data packets passing between your device and the internet. 

This means, for instance, if you’re browsing job-hunting websites for another position, your boss could find out before you’re ready to leave. 

A VPN is an effective cloak in these cases, as all data between your device and the VPN server is encrypted, so unreadable to network admins. If you decide to e-mail a new employer about a job offer and they trace the IP address used, they’ll also see that of the VPN server, not your current employer! 

10. Take control of your privacy

Quite simply, a VPN has become a necessity to keep online activities private. Email and cloud storage accounts, with their potential to be compromised, are a ripe target for hackers. Thankfully, by using a VPN and choosing a robust encryption protocol, privacy can be reclaimed.

If you don’t already have a subscription but want to get started, first check out the best VPN available for 2023. There are free VPNs available but we don’t recommend them, as some providers sell user data and almost all of them have to restrict your bandwidth or show you adware to keep the lights on. Most paid providers either offer a free trial or let you pay for just 1 month upfront, so you can decide if their service is right for you.

When choosing the right provider for you, you should also consider why you want to use a VPN service. If it’s just to stream TV shows from elsewhere in the world, then privacy isn’t a big concern, so consider choosing a VPN Provider that specialises in streaming shows like Netflix.  

If you’re doing this for privacy reasons, you will want a more security conscious VPN service that offers modern protocols using advanced encryption. 

If you live in a country which restricts or blocks VPN usage, consider a VPN that uses obfuscation tech or at least one which has experience in dealing with the specific restrictions in your home state. Check out the best VPNs for China, as well as VPNs for Turkey and VPNs for UAE to get started.  

Read More 

VPN services can be a valuable tool for ensuring your online security, but they aren’t without weaknesses.

The internet is a virtual minefield of hazards, and you need to protect yourself. VPNs continue to increase in popularity, and many users are turning to the best VPN services as a way to keep their communications secure and to protect their privacy.

VPNs aren’t just for helping defend yourself when using insecure public Wi-Fi, either – they remain an important tool in keeping a home network secure. 

As we’ve seen WPA2 (wireless) exploits like Krack, those using a VPN – even with a compromised home network – would still have protected their data from potential hackers. This is important, as it seems we’re still a long way away from adopting the more secure WPA3 standard on wireless networks.  

We’ve also debunked 6 common myths concerning VPNs

Despite all the numerous advantages and uses for a VPN, there are potential downsides, too. 

In this article we’re going to discuss six clear weak spots of VPN services, from the level of anonymity they’re supposed to guarantee, to issues revolving around user data, and the ever-present specter of mass decryption. 

1. 100% anonymity – or not…

A VPN creates a private tunnel for a user’s encrypted data to travel down, but cannot guarantee complete or even 99% anonymity. Firstly, while the VPN service may promise that it does not log or share data, it is impossible to know if this is really the case. There is no way of seeing behind-the-scenes, as it were, to view how the VPN really works. (See below for more about logging)

Furthermore, there are multiple ways in which the data can be breached, including IP leaks (which can mostly be protected against with a VPN kill switch), and DNS leaks. 

Even if a VPN provider uses their own DNS servers, you must have their software set up properly on your device to protect yourself, otherwise the requests you make to visit websites will be available to anyone with access to your ISP’s records, even if you do use a VPN. For more information, see our guide What is a DNS leak. 

Most modern web browsers also support WebRTC (Real-time communication). In theory this is a useful school that allows you to place voice and video calls via your browser without installing additional tools. In practice, it needs to broadcast your IP address to do this and in some cases it doesn’t do this through the encrypted data ‘tunnel’ to your VPN provider. The bottom line is that your real IP address can leak onto the internet. Luckily this is quite easy to fix, either through changing your browser settings or by using a browser add-on. Make sure you know all about WebRTC leaks and how to prevent them.

For those users who truly want to take their level of online anonymity to the next level, we’ve looked at combining Tor and VPN, although this introduces its own set of issues (including whether the VPN or Tor browser should be started first for maximum privacy and anonymity). 

Using Tor also comes with its own privacy issues, particularly if you’re accessing the clear internet via an ‘exit’ relay instead of a tor hidden service (.onion address). 

2. Geo-blocking working against the user

We were promised decades ago that the internet would enable the exchange of ideas and content without any barriers. However, these days that’s hardly the case, and one prime example of a barrier is geo-blocking. This is where content is restricted on the basis of the user’s location.

There are plenty of examples of the best streaming VPNs being used to access geo-blocked content, such as enabling access to the BBC’s iPlayer from outside of the UK, or using the purpose-made VPN Getflix, which is purpose-built for circumventing Netflix’s geo-restrictions.

While a VPN can be useful as a workaround to bypass geo-blocking, it can also be a double-edged sword, in some cases making the internet frustratingly difficult to use. 

This can occur when using a VPN with an offshore server, and then attempting to access a local map, local traffic data, or even the online circular for a local merchant, none of which will be accessible.

Also, with the VPN directing the tunnel to a server outside of your home country, you could lose access to popular country-specific websites such as Amazon.

Furthermore, you can get geo-blocked when you try to watch online video from your cable carrier, or access your local newspaper. Sure, a better VPN will have plenty of servers in your own country to run your tunnel through, but this still becomes one more thing you have to pay attention to, with potential for hassles therein.

You can overcome this issue by using a VPN provider which supports split tunneling. This involves setting up a specific app like Netflix to connect via a VPN server, leaving the rest of your traffic unaffected.

This has privacy implications, as if you use another app which is not connected to the VPN, your IP address will be available to the Internet at large. Your data also won’t necessarily be encrypted. Still, it does save the trouble of manually switching servers each time you want to appear to be in a different country.

3. Logs kept by VPN services

The concern with a VPN is that it may keep user data, specifically your data, and have a log of internet activities to provide to authorities. In the end, if you choose the wrong VPN, the record of your online activity may be hidden from your ISP, but instead it could be maintained by your VPN. So all you’ve done is change who is monitoring you.

The solution is to seek out a no log VPN – effectively, the most private VPNs you can get – which means that the provider promises user data is not logged, and therefore not stored, so there is nothing to hand over to anyone down the road. Some VPN services even market themselves with their ‘no log’ feature, and a good example of this is NordVPN.

Unfortunately, if you look deeper into the issue, you may find that one ‘no log’ policy differs from another. For example, while NordVPN clearly states it has a no log policy, its exact stance on ‘session logging’ is not clear – in other words, some of this may occur. Session logging does not record the actual data transferred, but just the time of logging on and off, as well as the IP addresses visited. But that data could still be used against someone. And this does happen.

Want a real-world example? Popular VPN HideMyAss responded to a court order back in 2011, and provided session logs for a hacker that was a member of LulzSec, and this resulted in an arrest. Furthermore, this is not an isolated example – there’s a more recent one of PureVPN collaborating with the FBI – so these logging policies and practices can potentially have serious implications.

The gold standard when it comes to logging is to find a provider which regularly submits to audits by a trusted third-party to ensure their “no logging” claims are true. 

4. Free VPNs aren’t worth it

Many folks want to save money, obviously enough, and the best free VPNs can sound really tempting. 

However, take a step back for a moment and realize that any business that wants to stick around has to make money at some point. Even free VPNs need to make a profit.

In one case, the VPN service Hola was accused of taking the bandwidth of 47 million users of the free offering, and allegedly selling this through a separate service known as Luminati (also owned by Hola). This plan allowed users’ IP addresses to be used for exit nodes. 

In fact, selling user data to cover costs is a popular way for “free VPNs” to operate. As worrying as this, the apps are sometimes used to distribute malware.

In November 2022 security researchers found that a “free” VPN Android app, which had been downloaded multiple times via links in Telegram message boards contained the spyware Sandstrike, which harvests user information. The scary part is that the app wasn’t a virus per se: it did function as a VPN app should, just also harvesting data about certain users. 

In short, tread carefully if you’re picking a free VPN. When it comes to software, consider using an open source VPN client like OpenVPN Connect if the provider supports it. Make sure to download VPN programs only from official sources such as the Google Play or Apple App Stores and verify all web links.  

5. Data mining

While VPNs promise a high level of privacy, this isn’t consistently the case. With so much data going through a VPN, there are plenty of opportunities to use it for nefarious purposes. Also remember that the VPN has the key to decrypt the data that goes through its server.

Only the reputable VPNs will keep all of your info private, and there are multiple access points that can be compromised, including IP addresses, MAC addresses, geo-location data, and DNS requests. Furthermore, it’s nigh-on impossible to know what is really going on with your data behind the scenes – until a scandal story hits the news headlines.

Of course this is no more true of a VPN Provider than your ISP but remember when you start a VPN subscription, you’re simply shifting your trust from one company to the other.

Admittedly VPN Provider’s entire business model relies on respecting user privacy, so they may not willingly hand over information. Still, some jurisdictions allow VPN services to be served secret court orders where they have to start recording information like your IP address and DNS requests without telling you.

If you’re concerned about this, consider using a VPN which has a “warrant canary”.  This simply involves the provider confirming at regular intervals e.g. through a monthly video address that they have not been subjected to any secret warrants or subpoenas. If they fail to regularly confirm this, you’re then free to close your account and use another service.  

6. Mass decryption

The truly colossal number-crunching power of today’s supercomputers raises concern around the issue of who else has the power to peek inside a user’s VPN tunnel.

This process is termed ‘mass decryption’ and the likes of government cybersecurity agencies certainly have the massive power needed to crack current levels of encryption used by modern VPN protocols.

In September 2013 Edward Snowden leaked NSA documents which seemed to show they had deliberately weakened an open source RNG (random number generator) used for elliptic curve cryptography, which is commonly employed in VPNs. Theoretically this would allow the NSA to break encryption keys generated using the algorithm.

This was apparently part of their “Bullrun” program, whereby intelligence agencies spend hundreds of millions of dollars every year deliberately weakening encryption standards. 

So, the short answer is yes, the likes of the NSA might well be able to break into VPN tunnels. 

Therefore we must bear in mind that while using a VPN certainly boosts your level of privacy, it is far from a guarantee of avoiding government surveillance, at least.

The best thing to do is adopt a layered approach to your security. Consider the VPN as the outer layer, then see what you can do to protect your data if someone breaks through it.

Your second layer, for instance, could be to use messaging apps employing E2EE “end to end encryption”. In short this is where the encryption keys used to protect a chat, voice or video call never leave your device or that of the person you’re talking to. 

That means that while a company like Apple might see your data moving through their servers, they won’t know exactly what you’re saying, even if your VPN protection is broken.

E2EE has become so popular that many mainstream apps like Microsoft Teams and Zoom’s Cloud Phone Service supposedly use it. However as these are proprietary products it’s difficult to take big corporations at their word. Try instead to use open source apps like Signal Messenger. If the code’s publicly available, it can be reviewed by security experts to check for any bugs or backdoors. 

The NSA can also only target you if they know you’re using a VPN. Some providers like NordVPN and VyprVPN support obfuscation technology, whereby they try to hide your VPN traffic as regular internet traffic. This can be done through specialist servers and or custom protocols, though there’s no way of knowing if those fools intelligence agencies.  

Read More 

Public Wi-Fi networks are now expected in certain locations, but what are the risks of using them?

What is public Wi-Fi?

We’re all familiar with Wi-Fi, and the convenience it affords. Technically, Wi-Fi refers to a technology that enables computers and other devices to connect to the Internet and communicate wirelessly. Wi-Fi is configured using a wireless adapter to create a “hotspot.” Once a connection is established, users within range of the hotspot can connect to the Internet network.

Wireless networks are located either in the home, which is generally referred to as a “closed network,” or in public places, which can be open or closed depending on the security settings in place. 

Public Wi-Fi is often unsecured in that they don’t use any form of wireless encryption. The advantage of this is that pretty much any WiFi-compatible device can connect to it. The big downside is that it can cause huge security problems, and many people opt to use one of the best VPN services to stay protected.

Check out our list of the best free VPNs and our VPN deals.

  Where are public Wi-Fi networks found?

Public Wi-Fi networks aren’t hard to find. They are prevalent in locations around the world and you encounter them in your day-to-day life as well as during travel.

According to research by Kaspersky, around 1 in 5 wireless networks around the world are completely unsecured. This means there are about 6.4 million such hotspots.

Seoul, South Korea not only has the fastest internet in the world but over 10,000 free WiFi hotspots all around the city, at airports, public parks & even the popular neighbourhood of Gangnam. 

Perth, Australia takes this a step further offering blanket coverage free public Wi-FI throughout the entire city for 60 minutes at a time. Users are limited to 2GB per day to avoid too many downloads down under. 

In New York City all subway stations have Wi-Fi coverage, provided by the good people of TransitWireless offering unlimited internet use in platforms, ticket areas & mezzanines in every station. 

The Wifi4EU project aims to offer free WiFi to all European citizens in every public place. It’s funded by the EU Commission, who have already pledged 120 Million Euros in support. 

Why are these networks insecure?

An unsecured Wi-Fi network is any network that does not require you to enter a password or login credentials to use the network. These “open” networks or “hotspots” also involve un-encrypted connections, leaving users at great risk. 

The hotspots are an easy target for hackers and nefarious people trying to steal login passwords, credit card information and content of communications or other personal details. 

The main dangers of using unsecured Wi-Fi are:

Hackers/Snoops: Hacking has become much easier for bad actors these days through using ready made tools & equipment. For instance, some hackers set up fake “honeypot” public Wi-Fi hotspots to try to lure people into connecting to them. Once connected, any unencrypted information you send, such as the names of websites you visits can be logged by hackers. Hackers rely on you wanting to use their honeypot wireless network because it’s free & convenient. But once you’re linked to them, they can not only read your unencrypted network traffic but try to redirect you to fake ‘phishing’ websites to make you enter sensitive information or download malware. (See below). 
Man-in-the-Middle Attacks: If a hacker connects to the same unsecured wireless network as you, they can send bogus data to your device & the network router to obtain their unique IP address & special ‘MAC’ address. Once they do this, the hacker can then impersonate each device, sitting in the middle of their “conversation”. By intercepting yours & the router’s communications hackers can read your data, or even inject harmful software & links into your connection requests.
Malware: If a hacker can connect to your device, they may try to inject ‘malware’ to record your personal information, or even encrypt it with ransomware. The scary thing about malware is that you can stop all other kinds of attacks just by disconnecting your device from the network. If your machine’s infected with malware though, your data could still be at risk, even when you connect to a secure wireless network at home or in your workplace. 
Rogue Hotspots/Fake Networks: These are hotspots that are set up by criminals, using a name close to that of the actual, legitimate Wi-Fi hotspot. These hotspots are created to trick users into connecting, thinking they are using a legitimate network at a coffee shop, for example. When you connect to one of these networks you become vulnerable to hacking/snooping conducted by the owner of the fake network.

What Information is at risk?

 Now that you know unsecured public Wi-Fi networks are an easy target for criminals or snoops trying to steal your personal details, it’s important to understand what exactly they can get their hands on – and how revealing this data can be. When using these networks, the following information may be at risk:

Your location
The websites you visit 
Your personal communications, such as emails, chats and messages
Whom you are communicating with
Files you send, photos
Your passwords and other sensitive information
Login credentials for various websites, such as banking websites

All this isn’t just hype! There are reports of users connecting to unsecured Wi-Fi networks around the globe, often with devastating consequences for their users. 

Tourist attractions: Some of the most unsecured Wi-Fi networks can be found at popular tourist attractions and destinations around the world. A 2015 report by Skycure (now owned by Symantec) listed some of the riskiest tourist locations for Public Wi-Fi including Times Square, Notre Dame Cathedral & EuroDisney.  

On-board airplanes: Airplanes are a goldmine for hackers & data thieves. In 2016, there was quite a stir when a journalist was hacked while using American Airlines’ in-flight GoGo Wi-Fi on-board a plane. The hacker revealed details of what he the journalist working on, compromising the story as well as alarming all who heard about it. This incident proved just how quick and easy hacking in-flight Wi-Fi was. A 2022 study by Necrum Security Labs showed that many airlines use outdated WiFi equipment, which contains serious vulnerabilities. In 2015, a Google Security researcher also discovered that the aforementioned GoGo Inflight Internet provider were issuing their own SSL Certificates to impersonate Google’s websites. This is another type of “Man in the Middle” attack & is particularly worrying, as usually when you access a website using SSL/TLS on public Wi-Fi, you can be sure your data’s safe as it’s encrypted. 

Public buses: The city of Sydney Australia, recently announced plans to offer Wi-Fi on-board all public buses. But this Wi-Fi comes with a catch – it will collect and sell personal user information. While this risk doesn’t occur because the Wi-Fi is insecure, it’s another privacy violation that users need to be aware of on Wi-Fi. If this surprises you, you may be shocked to learn that many free Wi-Fi providers offset the cost of running their hotspots by selling off the personal data of their users. GDPR has made this more difficult to do in the EU in the past few years but this is difficult to enforce. 

Ignorance is not bliss

According to a study conducted by the Identity Theft Resource Center, about 40% of people were unconcerned about using public Wi-Fi. Of those who were worried, less than half took steps to secure their connection on these networks. This is very concerning, considering the activities that most frequently take place on public Wi-Fi:

Checking personal email accounts (including logging in)
Using social media (including logging in)
Accessing banking or financial information

What’s even more concerning is people’s willingness to use these networks, despite being aware of the risks. A McAfee poll revealed that a large percentage of people – 38% – still opt to use free unsecured Wi-Fi. Combine that with a statistic from the AARP’s Convenience Versus Security report that “A quarter of the adults who use the Internet access it via public Wi-Fi once a week or more,” 

A 2019 cybersecurity revealed a staggering 45% of working American adults trusted the public Wi-Fi network of a frequented public location. 

This should give you an idea of how common using unsecured networks is.

Protecting yourself on public Wi-Fi

All of this is very unsettling, especially for those who have never considered the risks of public Wi-Fi before. But you don’t have to avoid Wi-Fi networks or accept the inevitability of privacy risks – there are things you can do!

While there are several ways to protect yourself when using a Wi-Fi network, one way beats the rest – using a VPN. 

A VPN encrypts your Internet connection to secure it and protect your privacy. When connecting with a VPN, no one – not your Internet Service Provider, your business/network owner nor any third-party hacker or snoop – can see the information you send over the network. This is extremely important when using unsecured Wifi, as anyone can read the data packets your device sends and receives: if they’re encrypted, they won’t be of any use to hackers. 

Take some time to read through our guide to the very best VPN providers available today.

Besides subscribing to a reliable VPN provider & connecting to their service each time you use Wifi, there are several other precautions you can take:

Think before connecting: Don’t be tempted to connect to the very first “free” Wi-Fi network you see. Check with the site owner to make sure it’s the right one. If there are T&Cs to which you need to agree before using their service, make sure to read them carefully. 

Configure network settings: Most modern devices allow you to change your network connection settings to tell the system that you’re on a public Wi-Fi network, to which anyone can connect. This makes your device much harder for others to see on the network. 

Use a firewall: Many modern devices & operating systems come with a firewall already set up but take some time to check yours is switched on. If you don’t have reliable firewall software, read through our guide to the best firewalls of 2023.

Use HTTPS: If, for some reason, you can’t use a VPN then at least make sure you access ‘secure’ versions of websites. It’s usually very easy to tell if your connection is protected by HTTPS as the web address will begin “https://” and you’ll see a padlock icon in the address bar.

Use two-factor authentication: 2FA, also known as “two step” verification means that each time you connect to a website or online service for the first time, you’ll be asked to enter a code along with your password. The code is usually generated by a special authenticator app but sometimes can be done by SMS too. That way even if a hacker steals your username & password they can’t access your account.

Switch off auto-connect: Most devices like to save you the trouble of having to manually enter your network settings & connect to wireless networks, so will automatically connect to Wi-Fi hotspots they’ve previously encountered. This could mean your device connects without you knowing & leave your data at risk. Contact your device manufacturer for help with disabling the ‘auto-connect’ feature. Alternatively you can just tell your device to ‘forget’ wireless networks altogether after you’ve finished using them.

Bottom line

Whilst there are many threats out there that come from using WiFi networks outside your home or workplace almost all of them can be avoided by doing one thing: using a reliable VPN service.

If your data is encrypted, including the DNS requests that you make to visit websites, an attacker won’t be able to know which sites you’re visiting, what information you read & enter, as well as what internet-applications you use.

Some VPN providers can even help with features like firewalls & anti-malware software, and with the quality of some cheap VPN providers, staying safe when you’re out and about doesn’t have to cost the world.

Read More