We’ve all done it. You’re working on the road, or maybe you need to just escape the office for a second. So you head over to the nearest coffee shop and hop on the free wi-fi and plug away. But have you ever thought about the security of sharing an internet connection with strangers? It should definitely make you pause for a moment.

Here’s the truth about public wi-fi: it isn’t secure! It’s not the coffee shop’s fault. Or your fault or anyone’s really. It’s simply due to the fact that by its very nature, public wi-fi requires that the public has access to the network. Otherwise, it’s pretty pointless, right?

Why can Public WiFi be Dangerous?

Public wi-fi is inherently insecure because it’s either unencrypted, or it’s encrypted but everybody knows the shared secret (the password). This leaves anyone using the network vulnerable to attack but how?

The most common type of attack seen on public wi-fi is known as a man in the middle attack (or MITM for short). A MITM attack is very easy to carry out and can be very fruitful for the attacker. All an attacker has to do is introduce what’s known as a “rogue access point” which is simply an antenna that broadcasts a wireless network with the same (or a similar) name as that of the genuine public wi-fi. When you connect your computer or another device to this rogue network (unknowingly), any information sent over this network is first captured by the attacker’s device.

This means that all data you send and receive while connected to this network can be copied by the attacker. In many cases, encryption helps by “scrambling” your data and rendering it unreadable. However, there are MITM methods that can trick your device into sending data in an insecure manner, which can lead to the attacker learning your credentials, financial information, and more. It’s very to be tricked into connecting to an insecure connection because it looks exactly like the connection you’re used to using.

How do I Protect Myself?

The easiest way to avoid the risks of public WiFi is to simply not use public WiFi. Instead of using public WiFi, consider using the WiFi hotspot feature on your smartphone. Configure your hotspot to use a secure password and you will quickly have your own private and encrypted network to work from. This is much more secure than utilizing the insecure public wi-fi.

If you must use public WiFi, consider using a VPN service like private internet access, or your corporate VPN with split-tunneling disabled. This will securely route all of your internet traffic through an encrypted tunnel created by the VPN connection itself. This means that any data sniffed out by attackers is entirely useless to them.