Dangers of Phishing & Public Wi-Fi
If you’re reading this on your phone, tablet or computer, chances are you use email. And you may even be accessing this over Wi-Fi available at a coffee shop, airport, or school. Like driving, exercising or virtually any other human activity, using email and public Wi-Fi does not come without some level of risk. However, by following a few simple guidelines you can remain confident that when you receive an email from your credit union or log in to mobile banking, you won’t be tricked into compromising your personal or financial information.
Growth of Online & Mobile Banking
First, it’s helpful to understand that online and mobile banking is growing at an unprecedented rate. The ease and convenience of checking your account balance, paying a bill, or transferring money with a few clicks of a mouse or button has led to enormous growth. According to a report by Allied Market Research published in October 2017, online banking transactions are expected to increase from $7.3 billion in 2016 to about $30 billion in 2023. The Board of Governors of the Federal Reserve System conducted a survey in 2015 and found that 43 percent of all mobile phone users with a bank account had used mobile banking in the previous year. That number reflects a steady increase from 39 percent in 2014 and 33 percent in 2013.
All this means is that banking and conducting financial transactions using a computer or phone has become a target for phishing and other electronic theft.
What Is Phishing?
Phishing refers to the practice of sending fraudulent emails that appear to be from a reputable company to trick the recipient into divulging or providing sensitive personal or financial information, such as a social security number, password or credit card number. In other words, thieves are “fishing” for information so they can steal your money or identity.
A common phishing practice is to send a threatening email that states unless the recipient clicks on a link to verify certain transactions, their account will be locked. When you click on the link, you’ll be taken to what looks like a legitimate website and will be asked to verify your login and password. Some emails are personalized and may even contain your name. Other types of phishing may direct you to access a document on something like Dropbox or Google Docs.
Don’t fall for it!
Don’t Get Caught in a Phishing Scam
The best way to avoid a phishing scam is to think before you click. If the email looks suspicious, use caution.
- Don’t click on any links within the email. If you want to check the validity, go directly to the website in question. For example, on nuvisionfederal.com you can log into your online banking and check to see if you have any messages [please confirm or describe how a member would receive a message].
- Look for “https” at the beginning of the website address before you enter any login, password, personal, or financial information.
- Make sure your computer firewall is active.
- Use antivirus software.
Unsecure Wi-Fi Networks
While phishing involves a specific email (or phone call) from someone attempting to do harm, using an unsecured Wi-Fi network is like an open invitation from you to the bad guys.
A more secure public Wi-Fi network requires a password or credentials to gain access. When looking for an available and more secure wireless network, you will see those that use encryption marked with a small lock symbol next to the name of the network.
Some hotels and shops that provide free Wi-Fi to customers provide access to their secure networks by providing you with credentials or an access code when checking in, making a purchase, or on request. If you do log into an unsecure Wi-Fi network, don’t download or install anything. Make sure your system software is current. When finished, log out of all websites, log off the Wi-Fi network, and tell your laptop, phone or tablet to “forget” the network after you disconnect.
Install a VPN
Another option when accessing public Wi-Fi is to use a virtual private network, or VPN connection. A VPN is an app or software that you can download and routes your traffic through a dedicated, encrypted server. It acts as a tunnel or shield for your data. The downside is that most good VPNs aren’t free and will likely slow the speed of your internet connection.
You can find free VPN services, but most will cost somewhere between $5 and $10 per month. You can fine various services that charge on a discounted annual basis or provide month-to-month options.
Use Mobile Data Connection or Hotspot
If possible, wait until you can find a secure Wi-Fi connection. If you must conduct online banking, make a purchase, or otherwise transmit personal or financial information, you’ll be more secure if you connect using your mobile phone data connection, either directly or as a hotspot (if your mobile plan offers that option). You can easily chew through your monthly data allowance, so try to limit your connection to just the specific amount of time you need to be online.
If you opt to use an unsecured connection, make sure you understand the risk – others may be able to see what you do. This means do not conduct sensitive transactions or log in using your credentials on any sites. Not all apps and sites support encryption and other good security practices, which leaves you much more open to a cyberattack when on a public Wi-Fi connection.