Depending on where you live, there’s a good chance you haven’t entered an airport or stayed in a hotel over the past year and a half. That’s about to change for many of us, with countries loosening travel restrictions.
But before you tap to join that hotel Wi-Fi network, take a moment to consider your security. The bad news is, there are plenty of risks with using hotel Wi-Fi. The good news is, it’s easy to protect yourself.
[Want more tips? Subscribe to ExpressVPN’s Blog Newsletter.]
Why hotel Wi-Fi isn’t safe
Hotels make excellent targets for cyber criminals for a couple of reasons. Not only can nefarious actors find a large concentration of potential targets, but the network security hotel guests rely on can be rudimentary to nonexistent.
In October 2020, the FBI issued a warning on the dangers of using hotel Wi-Fi, pointing out that hotels favor convenience for guests over security measures, especially since there is no specific hotel industry standard for secure Wi-Fi access.
In many hotels, Wi-Fi passwords change infrequently, and they’re often found on placards at the reception desk. Under these circumstances, hacks can happen relatively easily using simple methods, and likely affecting a large number of guests.
While these scenarios aren’t necessarily the norm, there are plenty examples of hotel Wi-Fi attacks, like when Russian hackers used a leaked NSA tool to target hotel guests in 2017.
Here are some of the ways an attacker can hack hotel Wi-Fi:
With this method, criminals create a network with a similar name to the hotel’s network and gain direct access to the computer of any guests who accidentally connect to it.
In man-in-the-middle attacks, a hacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.
This is where a hacker records the packets of data that pass between you and an unsecured Wi-Fi router.
Perhaps the most devastating attacks possible would involve hacking a hotel’s router. This could give attackers access to information ranging from guests’ credit-card details to keycard systems.
Safely go online in a hotel
Here are a few things you can do to keep yourself secure:
1. Use a VPN to encrypt your traffic
This is simply the easiest way to stay safe on public Wi-Fi. A VPN sends all your online traffic through an encrypted tunnel, so even if someone intercepts your activity, they won’t be able to see any of it.
2. Always confirm the hotel network’s name before connecting
While it might be tempting to connect to the first Wi-Fi you see when you’re in line to check in, you can avoid fake Wi-Fi networks by being 100% sure about the hotel Wi-Fi’s name.
3. Avoid sensitive websites and banking
This tip sidesteps the problem rather than solving it, but it’s worth waiting to check your bank account when you get home rather than risk exposing it over hotel Wi-Fi.
4. Use your phone as a hotspot instead of Wi-Fi
One option is to not use hotel Wi-Fi. If you’re getting data on your phone—admittedly unlikely if you are traveling internationally—you can use it as a Wi-Fi hotspot for other devices such as a laptop. Alternatively, you could use a portable router, which is a small device you carry with you and top up with data as needed using a credit card. You connect to it with a password in the same way you’d use any Wi-Fi network.
These hotspots are harder to attack because they’re moving, and they are less attractive to attackers because there are fewer people using them.
Read more: Ethernet vs. Wi-Fi: Which is better?