Skip to main content

Public Wi-Fi networks

Public Wi-Fi networks

Free Wi-Fi is everywhere, with networks available from coffee shops to the airport and hundreds of public locations in between. It is convenient, but you may be putting your personal information at risk.


One of the most common techniques that attackers use is to set up their own bogus Wi-Fi access point, such as one called "public Wi-Fi." or “free Wi-Fi”. Then they just wait for unsuspecting computer users to log in. Once a user connects to that Wi-Fi network, all their online activity is diverted through the rogue access point. 

Man-in-the-Middle attacks

Man-in-the-Middle attacks are the most frequent threat in public wi-fi networks. In this case, an attacker positions themselves between your device and the legitimate network to which you are trying to connect. Instead of being sent to where you intended, your information gets re-routed to the attacker. The attacker can also lead you to phishing websites and intercept credentials and passwords used in authentications.


No operating system or software program is perfect, and many attackers exploit those imperfections to their advantage. Hackers write code that targets security vulnerabilities in your systems and use them to inject malware, or viruses, onto your device. This usually happens by redirecting the user to a website that will automatically download and execute malware, or tricking the user to believe that an essential update package needs to be installed urgently.


There are specialized software kits and devices that allow hackers to eavesdrop on your online activity. This could include anything from knowing what websites you visit to gaining access to the information you have entered, directly affecting your internet privacy. 


Finally, attackers can create fake Wi-Fi network names that masquerade as legitimate ones to steal your information. This practice is known as spoofing.


Tips for safe Wi-Fi use

Cathay Bank

Email communication is not secure

Please do not include sensitive information such as account numbers or other personal information such as Social Security or Tax Identification numbers, driver’s license numbers, etc. in any email sent to us via this link.