Is it safe to use Wi-Fi at the airport?

Is the public Wi-Fi network at JFK International Airport safe? That’s what one of Vivian Au’s customers wanted to know recently.

The network in question was called JFK-Free-WiFi, and it did a peculiar thing when her client tried to log on: It asked for her birthdate.

It was not safe, says Au, a consultant who specializes in corporate technology and security.

“Real airport networks never do that,” she says.

But at a time when it feels like it should be safe to use a public Wi-Fi network at the airport, it’s getting harder to tell safe from dangerous. Experts say airports have upgraded the security on their public networks. At the same time, scammers have gotten smarter about stealing personal information from unsuspecting users. 

“Airport Wi-Fi can be convenient for accessing apps and services to pass the time before a flight,” says Gary Orenstein, chief customer officer of Bitwarden, a password management service. “At the same time, these networks are also known to be a honeypot for bad actors. If a network is compromised, cybercriminals can exploit the risk to extract sensitive information from connected devices.” 

Why is Wi-Fi so dangerous now?

The most high-profile case happened last year in Western Australia, where a man was arrested for allegedly establishing fake free Wi-Fi access points, which mimicked legitimate networks. These access points, which operated a lot like the bogus JFK-Free-WiFi access point, captured personal data from unsuspecting victims who mistakenly connected to them, according to police.

What do the bad guys do with the data they steal? It’s more like, what don’t they do, according to Orenstein. 

• Cybercriminals may intercept credit card or banking data shared over unencrypted networks and connections.

• Attackers may use unsecured public networks to plant ads on legitimate websites, redirecting users to malicious sites and exploiting trackers embedded on previously visited pages.

• Hackers might encourage users to download malware-infected files or fraudulent apps disguised as helpful tools for connecting to airport Wi-Fi.

• Criminals can also steal personal data and other private details, potentially aiding entry into critical consumer accounts.

Police alleged the Australian hacker used a portable wireless access device to create “evil twin” free Wi-Fi networks, which he used at multiple locations to lure unsuspecting users into believing they were legitimate services.

In other words, while it may feel safe to use an airport Wi-Fi network, it’s still fraught with danger.

“Airports are prime targets for cybercriminals looking to steal information, identities, and money,” says Tomas Stamulis, chief security officer at Surfshark. “Unfortunately, information security isn’t a top priority for many organizations, airports included. Despite advances in Wi-Fi technology, adoption of stronger security systems is slow, leaving travelers exposed to data breaches and fraud.”   

Why do people think airport Wi-Fi networks are safe now?

Early airport Wi-Fi networks were open and lacked even basic security, say experts. Today, airports have advanced WPA3 encryption, a series of security protocols that protect your password and the devices on the network. And, apart from the incident in Australia, there have been few recent reports of network breaches that have resulted in a loss of data. 

So is it safe to use an airport Wi-Fi network with your computer or phone?

“Airports have indeed improved their Wi-Fi security,” says Rafay Baloch, CEO of REDSECLABS, a cybersecurity company specializing in security consulting, training, and other cybersecurity services. “But the system is still not foolproof.”

Baloch says it’s convenient to be able to connect to the internet while you’re transiting through an airport terminal.

“But all public networks are insecure,” he warns. “There are many hackers who set up fake Wi-Fi networks  with names that are very similar to the real ones to catch people’s attention. Once connected, the  attackers can launch different attacks to sniff out important information from the users.”

How do you know if an airport Wi-Fi network is safe?

There are a few ways you can find out if an airport Wi-Fi network is safe — or at least safer.

Is the name suspicious? Hackers are not grammarians. So some networks will have telltale signs that they’re bogus, like typos. Never connect to a network called “DULLES_Offficial_Free_Wfi,” for example. You’re just asking for trouble.

Does it use encryption? After connecting, make sure the website you’re visiting uses “https” in the URL and has a padlock symbol. “This means the connection is encrypted and your data is protected,” says Gyan Chawdhary, CEO of Kontra, a security training platform.

Does it ask for private information? Remember, hackers are trying to harvest personal information, so they’ll ask for things like your birthday or your email credentials. They may even brazenly ask for your credit card information. A truly free airport Wi-Fi network will not ask for any of that information.

Did the airport advertise it? Often, airports will display the name of the official access point on the screens. “You can also double-check the network name with the airport personnel,” says Marcelo Barros, the global director of Hacker Rangers, a security awareness training firm.

But ultimately, none of these strategies is foolproof, according to experts.

“If you need to get online at the airport, it’s safer and more reliable to use your cell phone’s data plan,” says Craig Steele, director of Digital Skills Education, a company that offers courses that help regular people stay safe online. “That way, you’re connecting directly to your carrier instead of relying on public Wi-Fi. When I’m traveling I’d always use that first, rather than connecting to a public Wi-Fi network.”

So will you use the airport Wi-Fi network this summer?

Bottom line: Airport wireless networks aren’t entirely safe, even the official ones. But will that stop you from using them? Nah. A recent report by Norton suggests 60 percent of users have logged on to a public network in the past year, and that trend shows no sign of abating. 

Matthew Hicks, an associate professor of computer science at Virginia Tech, says it depends what you do on the network. 

“At one extreme, it is safe enough to check the latest sports scores, weather, or stock market on an updated device,” he says. “At the other extreme, it is risky to perform financial transactions, or work with other sensitive data in the cloud, using a device that hasn’t been updated in years, for an eight-hour layover.”

The thing is, even if you stay off the airport network, can you guarantee that your kids will? And who knows what kind of malware they’ll download or what kind of data they’ll give up between watching videos and texting their friends?

Fact is, even though airport Wi-Fi looks safe and feels safe, it might not be. But that probably won’t stop you from using it.  

How to tell if an airport Wi-Fi network is safe

1. Inspect the network name. Check official airport signs or information screens for the exact Wi-Fi network name. Scammers create “evil twin” networks with convincing but fake names, often including typos.
2. Guard your personal data. Never enter sensitive information like your birthdate, email password, or credit card number. A legitimate, free airport network will not ask for these details. Disconnect immediately if it does.
3. Verify the website’s connection. Once connected, look for “https” and a padlock icon in your browser’s address bar for every site you visit. This confirms your connection to that site is encrypted.
4. Use your phone’s data instead. To avoid all risks, use your mobile phone’s data plan or hotspot. This creates a direct, secure connection to the internet that bypasses public Wi-Fi entirely.

You might also like

• These are the most outrageous travel fees
• Let’s set the Wi-Fi free now!
• Cruise ships are getting a big upgrade
• Flight Network Customer Service Contacts
• International Travel Network Customer Service Contacts