Why you should not connect to unknown Wi-Fi access point

To most people an open Wi-Fi access point is gold mine. They don’t think twice before connecting to a Wi-Fi access point and going on their merry ways and surf around the internet. It is just so convenient. But it is also a big risk factor with serious security ramifications. I am not talking about Wi-Fi spots available in Starbucks or similar business outlets, even though they still might have similar security concerns, I am more concerned about open wireless access in your neighborhood that someone forget to secure it with a password.

Such an open access point could be a trap set up by a knowledgeable person with bad intentions, with proper tools they can not only log all your online activities but can also gain access to your email, bank or financial website information that you access to using their internet connection. A smart and capable hacker can hijack your session when you are connected to your bank or email account without actually having username and password for your account. For some sites without proper security measures username and password can be viewed in plain text using a sniffer, as shown below.



In the above demonstration as you can see with the correct tools (in this Cane and Abel) anyone can sniff out critical access informations to websites you visit. Please note that the above example is just a demonstration and banks usually don’t pass plaintext username and password like shown here.

To protect yourself, avoid connecting to open Wi-Fi access point, whether you know the source or not. If you absolutely have to connect to an open relay, try to avoid logging to password protected websites.