Using openly available WiFi maybe great for catching up on e-mail back at the office, but the downside is rarely seen or even considered. Using WiFi access points that have no encryption can open one up to getting their personal information to getting stolen. There are a couple of ways of intercepting sensitive data when using public WiFi.

The first method that data gets intercepted is if somebody using a computer on public WiFi network uses a freely packet capture utility such as Wireshark. Packet capture programs, capture all data that comes out of every computer within range. Anybody who appears to be just another user could actually be reading other peoples’ personal e-mails. Interceptors don’t just get other peoples’ e-mails but also the user ID’s and passwords for the e-mail accounts. This could allow peoples’ e-mail account user ID’s and passwords to be collected and sold to spammers.

The other method used to intercept sensitive data is the man in the middle attack. A computer is set up to act as an WiFi Access Point and when an unsuspecting user tries to connect to what they think is a public WiFi network they are in fact are connecting to a computer that is waiting to capture all their sensitive data. Man in the middle attacks are more commonly seen on municipal WiFi networks. The man in the middle Access Point will have the same SSID as the public network. An unsuspecting user will see the same SSID for the public WiFi on two channels are will try to connect to the one with the stronger signal strength. If the man in the middle access point is physically closer to the user or has better antennas than the real public WiFi access point then they become very likely to get their identity stolen.

To combat the problem of data eavesdropping on public wifi networks there are a number of companies that offer data encryption service. These services take that data on somebody’s computer encrypts it before it’s transmitted on the public WiFi network. The data is decrypted on the company’s servers and directs the Internet traffic to where it’s supposed to go. Anybody using a packet capture program or conducting a man in the middle attack will only see garbled data which they cannot use.

For the traveling white collar professional or even the casual web surfer using public WiFi networks is close to unavoidable. While the risk on most public WiFi networks is pretty low a greal of caution must be practiced in order to keep sensitive data safe.