Just about every experienced Internet user today understands that there are many dangers to be aware of. With criminals increasingly seeking to steal valuable credentials and hold data for ransom, it always pays to be as careful and deliberate as possible. On the other hand, some people prefer to take a more relaxed approach to Internet security, prioritizing convenience and ease of use over the sometimes-cumbersome kinds of precautions that experts recommend. While that might make life feel a little more enjoyable, it can also lead to real problems. For example, public wifi dangers are everywhere today, and it can take only a moment of inattention to fall prey to some serious threats.
Pitfalls of these kinds take a number of different forms, with a couple of them being most potentially damaging of all. Most Internet users will be familiar with how WiFi access points advertise themselves to clients, often offering up a name that relates to the sponsor or source of connectivity. Someone visiting a favorite local coffee shop, for example, might recognize the associated hotspot name and sign on without thinking too much about the security implications.
Unfortunately, the various WiFi security standards do not include any provisions for making sure that such labels are ever accurate or associated with the source they might be assumed to stem from. What this means in practice is that someone with harmful intentions can easily impersonate a particular access point simply by reusing the name. Once victims sign on for access, their traffic can then be redirected to sites designed to steal credentials or otherwise compromise their security.
That might sound bad enough that real WiFi security can never be assured. In practice, though, devices themselves will not normally be fooled by this style of impersonation, as they will recognize that the impostor’s hardware details differ from the real thing. One way of recognizing that such an attempted hijacking is in progress is to notice that a device wants permission to connect to an access point it has used without questioning in the past. While simple measures like these cannot ensure rock-solid security, observing them faithfully and consistently will always help.