We’re online, but we’re not being safe about it. The results of new study reveal people don’t understand key elements of cybersecurity. Worse, even those that are aware of the risks are doing things they know they shouldn’t—upping the odds they’ll get scammed.
The AARP interviewed 800 people age 18 and older over the phone to ask about their online access, activity, public WiFi use, knowledge of WiFi security, and also identity theft. The results paint a pretty alarming picture.
Here are the risky things you might be doing:
Doing personal banking or shopping over public WiFi. More than a quarter of those questioned say they do banking over public WiFi, and the same number also bought things with a credit card over a public Internet connection.
Not changing your passwords. Ten percent of those who do online banking say they’ve never changed their password. One in ten say they haven’t in more than two years, and half say they haven’t changed their passwords in the last three months.
Not running anti-virus or anti-spyware software. Almost a quarter of respondents said they didn’t or weren’t sure if they were running these types of key cybersecurity protections.
The good news? You can change your old habits. Changing passwords is easy to do, and setting a reminder for yourself will insure you keep them up date. The tricky part is resisting temptation to do something quick, but risky, over free WiFi.
Remember: if you’re on an unsecured WiFi network, hackers CAN—with very little effort—see every piece of unencrypted communication that happens on your device.
Email, credit card information, user names, passwords, and more, are all there for a hacker to grab and use to steal your identity.
The Federal Trade Commission offers these tips for staying safe on public WiFi:
• Stay on encrypted websites. When using a hotspot, log in or send personal information only to websites you know are fully encrypted.
• Don’t stay permanently signed in to accounts. When you’ve finished using an account, log out.
• Pay attention to any web browser warnings about fraudulent websites. Also, keep your browser and security software up-to-date. Reminder: TDS’ own Internet Security is always on and always up to date.
• Don’t auto connect. Change the settings on your mobile device so it doesn’t automatically connect to nearby Wi-Fi. That way, you have more control over when and how your device uses public Wi-Fi.
• Look for strong Wi-Fi encryption. WEP and WPA are common, but WPA2 is the strongest.
• Install browser add-ons or plug-ins. For example, Force-TLS and HTTPS-Everywhere are free Firefox add-ons that force the browser to use encryption on popular websites that usually aren’t encrypted. They don’t protect you on all websites — look for https in the URL to know a site is secure.
It’s worth noting there are things you may be doing in the physical word that also affects your security online. Specifically, the research shows that people are:
Using smart phones without passcodes. Twenty-six percent of smart phone users who access the Internet on that device do not have a passcode. And, thirty-one percent of those older than 50 don’t have a passcode set.
Leaving their mail in an unlocked mailbox. Credit card statements, utility bills, etc. all contain financial information that could be stolen—but that information is sitting out in unlocked mailboxes 58 percent of the time.
Leaving valuables in the car. Sixty-one percent report leaving mail, a purse/wallet, cell phone, GPS, or laptop in their car during the past three months.
Not shredding paper documents or credit cards. One in six say they never shred documents containing personal identification, and the same number say they do it only once a year.
Making some simple changes—and always assuming that public WiFi isn’t safe—you can dramatically reduce the odds of having your identity stolen!
Original image by: Podere Casanova. Modified for use by TDS.
The ability to hack non-Secure Sockets Layer (SSL) encryption, email communication is relatively easy over a public Wi-Fi connection. Recently TDS moved mail.bajabb.com email from Google Gmail to TDS’ unique email system. Google Gmail communication, sent and received, was protected with SSL, but the new TDS email service and user instructions require to use the SSL disabled. Do you have plans to better protect our email communications?
George, I reached out to our email team and they’re not exactly sure what you mean. They’re thinking you’re using an email client, but without more details they can’t help troubleshoot what’s going on (but you shouldn’t have to disable SSL). If you’d like to send your contact information to firstname.lastname@example.org I can have someone get back to you on this. Thank you!
Isn’t it contradictory to list online banking as a risky behavior on free wi-fi, than say that using encrypted websites is a safe thing to do? Online banking sites are always encrypted. Almost any encrypted site I use has personal info that I would not trust to Wi_Fi. I assume that I can’t do anything very useful on public Wi-Fi. That’s very inconvenient since I don’t have a smartphone but do have a tablet. What’s the truth here?
our condo has Wi-Fi we all share. about 60 units in our building. Are you saying we can not do banking or pay bills safely. I thought the banks and credit card companies have us protected with there systems.
I am not saying anything about what you can do in your condo. I am saying that this article and all similar articles contain a glaring contradiction. If using secure websites makes public/shared wi-fi safe, why is banking online unsafe on public/shared wi-fi?
Anne, I know what you mean—and it is sort of contradictory. The key is remember that if you’re at your local Starbucks, making sure that ALL of your bank’s website is encrypted, and not just the log-in page (and I’m no tech expert, but I believe encryption would also protect you from any “spoofed” Wi-Fi networks). But making payments on other websites, unless you’re sure you’re checking for encryption on every page, could make it risky. So it’s one of those “probably better to avoid” things. If you don’t do banking over public Wi-Fi, you won’t open yourself up to any potential danger.
Sharon, I’m not a tech support person, but I would imagine, just like the Wi-Fi at our office, your condo system has all the important security barriers in place because it’s a large, but private system. Not just anyone can hop on and use it.