A recent survey shows that 50% of people will choose to use public WiFi instead of mobile data when they are away from home. But few users are aware of the dangers public networks may pose, and they make the risks even worse by not switching some of their phones’ settings off.
“One of the most ‘dangerous’ settings we usually have on our phones is the auto-join function. This function helps to connect your phone to a network automatically after you first logged in to it.
“The auto-join function may save you a couple of seconds a day, but it also puts the security of your device in danger. And that is why disabling it is highly beneficial,” Digital Security Expert at NordVPN, Daniel Markuson commented.
Why does the auto-join function put your device at risk?
The problem with the auto-join setting is associated with its ability to connect to a public WiFi network without the user’s permission. Public WiFi usually has an exceptionally low firewall when it comes to blocking hackers.
This weak security allows hackers to place themselves between users and the WiFi connection. So, when users enter their bank account details or any other kind of personal information on public WiFi, they can never be sure that it’s not being accessed by a group of hackers.
To understand the risks of the auto-join function better, it is important to know how it works. Phones that have the auto-join function enabled are configured in a way that, if a person manually connects to a network for the first time, the device will connect to this network automatically every time it is in range.
The problem is that phones recognise WiFi by its SSID (wireless network name), and a hacker can set a WiFi network with the same SSID as the safe network we were connected to before.
A hacker’s WiFi with the same SSID as that of a secure network is often called ‘evil twin’ WiFi. Even if a user normally avoids using public WiFi and only connects to secured networks, he or she can still unknowingly connect to an evil twin hotspot if the auto-join function is on.
“Let’s imagine: on Monday, you went to your favorite cafe and manually connected to its WiFi network called ‘Starbucks WiFi’.
“You know that the network at this cafe is normally secured and you feel like you have nothing to worry about. But then, on Tuesday, a hacker can set up an evil twin network nearby with the same SSID (network name).
“And, when you come to grab your daily cup of coffee on Wednesday, you cannot be sure which network your device will automatically join,” explained Markuson.
Once a user gets connected to an evil twin network, their device is under the hacker’s control.
Ways to keep your phone protected
Markuson recommends disabling the auto-join function to avoid connecting to an unprotected public network by accident.
Using mobile data while away from home instead of WiFi in an airport, bar, café, or any other public place can also help users to feel safer. If the user still needs to connect to public WiFi, here are some things they can do to be more secured:
- Use a VPN. As International VPN Day (19th August) is approaching, it is important to remember that a VPN is very helpful software for anyone using public WiFi. It encrypts users’ data and doesn’t allow third parties to intercept it. So, make sure you have a VPN installed on your devices if you often use WiFi outside of your home.
- Connect to secured WiFi. Choose public WiFi that is secured by strong and sophisticated passwords.
- Don’t make any purchases or connect to social accounts using public WiFi. The best way to keep your credentials (passwords, credit card details, etc.) safe is to enter them only on a secure network.
- Enable your firewall. While a firewall is not that necessary over a secure connection, it is always a good idea to enable it while using public WiFi. This will provide substantial security from hackers.