David Saunders
If you’ve logged onto public Wi-Fi recently to check emails, scroll social media or confirm a booking, you may have done more than kill a few minutes — you may have exposed yourself to serious cyber risk. As global disruption increases and people rely more heavily on shared networks, security experts warn that public Wi-Fi has become one of the easiest gateways for cybercriminals.
New data from IATA shows that air traffic control delays in Europe have risen by 114% over the past decade, a sign of wider strain across global infrastructure. But the issue goes far beyond travel. From coffee shops and hotels to shopping centres and shared workspaces, public Wi-Fi is now woven into everyday life — and attackers know it.
Despite rising financial pressure, people are not pulling back. A recent Deloitte survey shows US consumers are more eager to travel than they have been in years. In Europe, the European Travel Commission reports that 82% of people are increasing their travel budgets, even though overall spending is slightly lower than last year. More movement, more connectivity — and more reliance on public Wi-Fi in unfamiliar or crowded environments.
At the same time, cyber threats are accelerating. The UK’s cybersecurity agency has warned that highly significant cyber incidents have increased by 50% for the third year running. Fortinet reports a 42% rise in compromised credentials being sold online, highlighting how valuable stolen logins have become.
Wherever public Wi-Fi is free, open and convenient, it is also vulnerable.
Shared networks are routinely used to check bank balances, confirm accommodation, access work emails or log into apps — often without a second thought. That makes them prime territory for attacks ranging from phishing and session hijacking to full credential theft.
A recent case in Australia showed just how easily this can happen. A man was jailed after setting up a fake Wi-Fi network and capturing users’ login details, AFP reported. The method was simple: a convincing network name and users connecting without checking.
Experts at Planet VPN, one of the world’s largest free VPN providers, say so-called “look-alike” public Wi-Fi networks are increasingly common in busy public spaces, relying on distraction, urgency or routine behaviour rather than technical sophistication.
Konstantin Levinzon, co-founder of Planet VPN, says most attacks on public Wi-Fi go completely unnoticed.
“Public Wi-Fi, whether in an airport, hotel, or restaurant, is often unencrypted and sometimes doesn’t even require a password. This makes it easy for bad actors to see what sites users visit or even hijack their sessions. Users should be especially cautious this year, as the latest AI tools allow cybercriminals to accelerate their attacks, including those targeting Wi-Fi networks”, he says.
Google has recently advised users to avoid public Wi-Fi altogether. That may be ideal, but for many people it simply isn’t practical. Public networks are often the only option when working remotely, travelling, or managing daily tasks on the move.
Levinzon says the key is not blind avoidance, but smarter use.
1. Choose a VPN provider that doesn’t store logs
A VPN remains the first and strongest layer of defence on public Wi-Fi. It encrypts internet traffic, making it far harder for anyone else on the network to intercept.
“On public Wi-Fi, your activity can be visible to anyone with the right tools, but once the VPN is on, your data travels inside the tunnel. People on the same network, whether it’s hackers, hotspot owners, or even your internet service provider, only see scrambled traffic, not your personal information,” Levinzon explains.
He adds that a well-designed free VPN can offer the same core protection as a paid service — provided it doesn’t store logs or collect sensitive user data such as emails.
2. Locking down your device takes seconds
Users should assume that public Wi-Fi is a shared digital space.
Disabling automatic connections to open networks prevents devices from joining rogue hotspots without notice. Turning off file and printer sharing makes devices harder to detect. Installing software updates before connecting reduces exposure to known vulnerabilities.
These steps are basic — but effective.
3. Treat public Wi-Fi as “read-only mode”
Even with precautions in place, public Wi-Fi carries inherent risks. Phishing pages, malicious redirects and infected downloads remain common.
“Use public Wi-Fi for searching the web or replying to an email, but avoid making transactions. The same rules should be applied not only during travel holidays, but also in our daily lives,” Levinzon says. “With fast-evolving cybersecurity threats around us, it is important to stay vigilant and also follow other basic cyber hygiene practices, such as regularly updating software, using strong passwords, and two-factor authentication.”
The message is clear. Public Wi-Fi is no longer an occasional convenience — it’s a permanent feature of modern life. And that makes caution, not complacency, the new baseline.
