A new survey of internet users shows that the freedom and convenience of public wireless networks may come at a cost. Nearly half failed a quiz about online and wireless safety, while tens-of-thousands admit to engaging in activity that could put them squarely in the sights of hackers looking to steal their personal information.
An AARP Fraud Watch Network report, “Convenience versus Security,” shows that among adults who access the Internet, a quarter (25 percent) use free public Wi-Fi once a week or more.
“A free Wi-Fi network at an airport, hotel or coffee shop is convenient,” said AARP Kentucky State Director, Ron Bridges. “But without a secure network, Americans risk oversharing, leaving themselves vulnerable to attacks by con artists and hackers.”
In response to these threats and need for greater awareness of the risks of cyber scams, AARP is launching the “Watch Your Wi-Fi” campaign to educate Americans about the risks of free public Wi-Fi and how they can protect themselves.
The survey results unveil a high incidence of risky online behaviors:
Among those who say they use free public Wi-Fi, more than a quarter of respondents (27 percent) say they have banked online via public Wi-Fi in the last three months.
Similarly, 27 percent of those who use free public Wi-Fi have purchased a product or service over public Wi-Fi using a credit card, 26 percent of smartphone users do not use a passcode on their phones and 61 percent do not have online access to all of their bank accounts.
Among those who have set up access to all or some of their online banking accounts, almost half (45 percent) say they have not changed their online banking passwords in the past 90 days. Experts say that online bank account passwords should be changed every 90 days.
Nearly half of survey respondents (45 percent) failed a quiz about online and wireless safety. Approximately 40 percent of respondents were not aware that:
- It is NOT okay to use the same password on more than one site even if it contains a complex mix of letters, numbers and symbols.
- Even if you are not using the Internet, if you’re in a location with a public Wi-Fi network, you should disable your wireless connection.
- It is NOT safe to access websites with sensitive information, such as banking or credit cards, while using a public Wi-Fi network, even if the website is secured by https.
More than 8 in 10 (84 percent) people surveyed did not know that the most up-to-date security for a home Wi-Fi network is NOT WEP — Wired Equivalent Privacy. Experts advise using at least WPA2 wireless encryption for better protection.
A newly launched FWN cyber scam website features “Four things never to do on public Wi-Fi:”
- Don’t fall for a fake: Con artists often set up unsecure networks with names similar to a legitimate coffee shop, hotel or other free Wi-Fi network.
- Mind your business: Don’t access your email, online bank or credit card accounts using public Wi-Fi.
- Watch your settings: Don’t let your mobile device automatically connect to nearby Wi-Fi.
- Stick to your cell: Don’t surf using an unknown public network if the website requires sensitive information – like online shopping. Your cell phone network is safer.
Consumers may also visit the new website to learn about three scams frequently associated with public Wi-Fi, including the “man-in-the-middle attack,” an “evil twin” ruse, and the “war driving attack.”
For additional information, including a video demonstrating the risks of unsecure Wi-Fi, visit: aarp.org/watchyourwifi.