Public Wi-Fi – like the type you get access to in coffee shops, hotels, and airports – is highly convenient, allowing you to maintain a data connection without using any through your wireless plan. However, using public Wi-Fi isn’t always the safest option, particularly if you’re dealing with sensitive information. If you’re wondering, “What security risk does a public Wi-Fi connection pose for online banking?” here’s what you need to know.
The Risks of Using Public Wi-Fi for Online Banking
More often than not, banking websites and apps use encryption to protect the information you send over any network, including public Wi-Fi. Encrypted webpages are marked with a lock symbol next to the URL or “https” – with the “s” being the critical part – in the address bar.
However, that doesn’t mean online banking over public Wi-Fi is risk-free. Hackers use a variety of techniques to steal sensitive data from unsuspecting people. Here is an overview of some common strategies.
Man-in-the-Middle Attack
With a man-in-the-middle (MITM) attack, hackers break into the network and position themselves between a connected device, such as your smartphone, and the Wi-Fi router. Then, they can functionally eavesdrop on information passing between the device and router, making it possible to capture user names, passwords, and other details.
Another strategy that hackers can employ when using MITM techniques is redirecting traffic that’s running between your device and the network. When they do, they typically send unsuspecting people to fake websites designed to look secure and resemble a legitimate financial institution’s site. The goal is to trick users into believing they’re on the real website and have them input their login credentials or provide other sensitive information. If they do, then the hacker can capture those details.
Evil Twin Attack
An evil twin attack is when a malicious actor sets up a Wi-Fi hotspot and names it something associated with a legitimate entity, such as the café you stop at for coffee. The goal is to trick people into thinking that the hacker’s Wi-Fi hotspot is the one offered by the company.
If you connect to the evil twin by mistake, hackers can intercept your data with surprising ease. Additionally, the Wi-Fi device can be a tool to deploy malware onto your device, putting you further at risk.
Reconfigured Connection
In some cases, public Wi-Fi routers use default login credentials to access internal settings. When this occurs, a hacker may be able to figure out the necessary username and password, allowing them to access configuration settings within a company’s public Wi-Fi connection. Then, they can change the settings to meet their needs, which can put you at risk.
Sniffing Attack
A sniffing attack is a technique where hackers use a packet sniffer – which is a legitimate tool often used by networking professionals – as a means of intercepting, capturing, and reading sensitive data that’s passing through a network. Typically, unencrypted data is most at risk. However, some attackers may inject malicious code that could hijack or compromise your device, too.
Tips for Safe Online Banking When Using Public Wi-Fi
Update Your Operating System, Browser, Applications, and Antivirus
Keeping your operating system, browser, applications, and antivirus software up to date reduces the odds that there are security vulnerabilities present that hackers can leverage. Ideally, you want to turn on automatic updates, but if you don’t for any reason, make sure to check for them regularly and apply them as soon as possible.
Use a Virtual Private Network
A virtual private network (VPN) is a solution that adds a layer of encryption to your traffic, which makes it safer to use public Wi-Fi networks. Even if hackers intercept your traffic, they’d need to decrypt it to do anything with what they capture, which is no easy task.
Turn Off Bluetooth
Open Bluetooth connections give others a potential point of entry into your device. As a result, it’s often wise to just switch it off if you’re using public Wi-Fi and don’t have a need to use the connection yourself at that particular moment.
Ask Establishments Before Connecting
If you’re concerned about whether a Wi-Fi network legitimately belongs to a business, ask an employee about the available Wi-Fi connections. Typically, they’ll be able to tell you if Wi-Fi is something the company offers, as well as which network belongs to it.
Use Banking Apps Instead of Websites
While banking apps can have security vulnerabilities, they’re potentially safer to use if you’re on public Wi-Fi. Hackers can’t simply redirect you to a fake website designed to match your bank’s site without raising suspicion if you’re trying to connect through the mobile app instead. Essentially, the redirection attempt is more obvious, which may be enough to alert users that something is wrong with the connection.
Set Up Two-Factor Authentication
Using two-factor authentication (2FA) on your bank logins adds an extra layer of security. Usually, 2FA involves a second verification step, such as a code you need to enter that’s delivered via text message. Even if your username and password are compromised, a hacker may not be able to get the additional authentication step complete, and that helps keep your account secure.
Heed Browser Warnings
Many browsers will issue a warning if they believe there’s something wrong with a website. For example, they’ll often alert you if you attempt to go to a secure (https) site and only an unsecured (http) version is available. Similarly, they’ll often notify you if there’s an issue with a site’s certificates or if there are too many redirection attempts. If you see these warnings, particularly if you’re using a less familiar public Wi-Fi connection, wait to do any online banking until you can find a network you trust.
Change Your Passwords Regularly
If you use public Wi-Fi regularly – or even if you don’t – changing your banking passwords regularly helps protect your accounts. If a password was captured by a hacker or is part of a breach, creating a new one renders that information useless.
Skip Public Wi-Fi
For sensitive tasks like online banking, using your cellular data connection is typically the safer option. While it’s not impossible for hackers to compromise those networks, doing so is much more difficult than compromising public Wi-Fi.
Can you think of any other risks of using public Wi-Fi for online banking? Share your thoughts in the comments below.
Read More:
- Is It Safe to Throw Away Bank Statements?
- What Is Infinite Banking? Your Questions, Answered
- What Advantages and Disadvantages Are There to Saving Money in the Bank
Tamila McDonald is a U.S. Army veteran with 20 years of service, including five years as a military financial advisor. After retiring from the Army, she spent eight years as an AFCPE-certified personal financial advisor for wounded warriors and their families. Now she writes about personal finance and benefits programs for numerous financial websites.