How to Secure Your Restaurant’s Wifi Connection  

A restaurant wifi is an essential component today. But there are a large number of issues that can creep in when you’re having one at your outlet.

A restaurant wifi connection without a secure, no-logs VPN is an open invitation to hackers. Read about those risks in this Wifi security guide.

The Most Common Public Wifi Blunders

Before opening that unprotected laptop or turning on that tablet or smartphone in a free public wifi hot spot, consider the following:

Financial transactions in public are not worth the risk.

Banking and shopping online through unsecured public wifi and unprotected websites will send a signal flare to intruders: “Here’s my bank account and credit card information. I’m spending money on line. Want some?” Sure, banks use encryption, but unprotected restaurant wifi networks can spy on what the victim sends and receives.

The best advice to your staff and customers is to never, ever do financial transactions in public. Use the home or workplace secure web connection. The best security in public is the smartphone 3G or 4G, and never sign on to any website in public that does not have the “S” following the “HTTP” web address.

Wifi is not always faster than a smartphone 4G connection.

Free public wifi is tempting, but a smartphone data connection can often be faster than a crowded, unsecure public wifi service. Of course, there are data costs and limits, and some Android and Apple’s iOS phone products can detect whether a wi-fi is a faster option than mobile data.

Easy access and unfettered web surfing on public wi-fi risk exposure to hacker attacks.

The safest approach is to avoid free public wi-fi hotspots. They are hangouts for tech-savvy scammers and identity thieves. Even legitimate, public service spots for café customers can be vectors for man-in-the-middle attacks that could wipe out a user’s bank account or open the device to malware injections.

Installing software on a public wi-fi network is a terrible idea.

A favorite trick of fraudsters who hang out in public hotspots is to prompt the user to “install an update” to a device. That update is frequently a carrier that loads a program to steal data from the exposed computer.

Neglecting system updates is a recipe for disaster.

In the leapfrog battle between hackers and defenders, the only way to stay even or ahead is to install operating system updates and security patches immediately. Windows 10 Defender does a decent job in protecting against known malware threats, but the best idea is to install commercial grade malware detection software that is constantly on the alert for new threats.

Avoiding threats, surveillance, and protecting online privacy with a VPN

Anyone wishing to bypass the foregoing security threats should consider subscribing to a no-logs VPN service. VPN equipped devices have an extra layer of encrypted privacy, which safeguards against unsecured public wi-fi network intruders.

A VPN hides the user’s web activity. It provides an encrypted connection hiding the user’s online activity from prying eyes. Log in to a network with VPN protection, and encryption turns intercepted data to unreadable gibberish.

Man-in-the-Middle Attacks

The main threat to your customer’s privacy and security on public wi-fi is through so-called “man-in-the-middle” (MITM) attacks. In a man-in-the middle attack occurs a hacker actually gets between a two-party transactions on the web. The hacker impersonates either or both users and accesses the information they are exchanging. Then the hacker uses the stolen data for fraudulent or nefarious purposes.

MITM attacks can originate from online phishing

In one scenario the victim receives a fake email from what appears to be an authentic bank website. It appears legitimate, and warns the customer that their bank account has been compromised. The victim clicks on a link in the email and enters what seems to be a valid website.

As the panicked user discloses the personal information required to enter the account, the login identification and password/PIN are now in the possession of the scammer.

Hijacking a live session can occur through bogus (rogue) Wi-Fi networks, or so-called “evil-twin” hijacking. A user logs into an unsecured public Wi-Fi network. The MITM intercepts the connection and routes the user to a bogus network and begins gathering the user’s credentials. To carry that out, hijackers must use the following hacks:

  • Domain Name Server (DNS) spoofing. This routes the user to fake websites that can steal personal data or download malware.
  • Using a “web pineapple” device to detect and access unsecured networks
  • Hijacking session cookies. Known as “sidejacking” the stolen cookies often consist of unencrypted login information. Even though the target website is otherwise secure, its access credentials are compromised.
  • Downloading open-sourced software to spy on the user. The software can detect online activity and intercept the data being exchanged online.
  • Redirecting a user to a fake web application controlled by the attacker.

While a VPN won’t automatically protect the user from phishing attacks, it can provide solid protection against a variety of technical hacks. The bottom line is that a hacker stalking an unprotected public Wi-Fi server could listen in and observe a customer conducting an online banking transaction. The hacker steps in live and can do great financial harm to the victim or can install a Trojan for later damage to the victim’s system.

Why Free VPN isn’t the Better Choice

“Premium” actually means “by subscription,” as opposed to the numerous so-called “free” VPN services. Free VPN providers must generate income to stay in business. Rather than charging a reasonable monthly subscription fee, free VPN providers actually exploit their customers as a source of income by tracking users’ online destinations and selling activity records to marketers.

There are other pitfalls in using a free VPN service. They include a slowdown in the user’s internet connection as the user must compete for bandwidth with paying customers. Free VPNs are supported by internet advertisers and users must host annoying and distracting popup ads. Some free VPN services have been known to earn revenue by selling subscribers’ device processing power—their bandwidth—to paying customers.

Finally, free VPNs open the user to secondary attacks from hackers. One report by VPN Mentor had the alarming news that free VPN’s were “more likely” to have malware than their paid counterparts. In fact, one study found that about 70% of free VPN products installed third-party trackers on the user’s computer. What those trackers do is collect information on online destination and shopping habits that result in tailored online ads.

Premium VPNs are a better choice

A premium VPN service is the best bet for security online, because:

  • A Premium VPN employs a “no-logs” policy. The users at your restaurant would never be tracked online and the system maintains no connection or activity logs for any user.
  • Premium VPN services provide top-grade 256-bit encryption and the fastest connections for your customers and staff to avail
  • Premium VPNs shut down data leakage with a “kill switch” feature. If the connection between the user and the VPN server is dropped, the user is disconnected before anyone can intercept the session.
  • Premium VPN hides the user’s web activity from the ISP. The ISP cannot detect VPN the VPN use and could not, even under subpoena, provide a record of the user’s internet activity.
  • Premium VPNs bypass geo-blocking. A user in a New York café, for example, could log on to a Netflix service available only in Europe.
  • A premium VPN service provides attractive extra features. For example, Surfshark’s web app called CleanWeb™ is an ad blocker, thwarts trackers, and detects malware and phishing attempts.

Summary and Conclusion

There really is no such thing as a secure public wi-fi connection. The free ride in a restaurant using an unprotected device is fraught with dangers as savvy-tech scammers stalk the unwary online user. Stalkers use a variety of high-tech tricks to tap into unprotected users in public. They include routing someone’s connection to a fake site or to a bogus web application.

The best protection in public is through a no-logs VPN to encrypt and mask the user’s web activity. The best VPN is not the free, ad supported variety. Free VPNs slow down the user’s web connection, inject adware and other security threats, and could cost the user additional performance quality when the provider sells the user’s bandwidth to paying customers.

Premium VPNs like never log the user’s online activity and provide complete anonymity and cover, which even the internet provider can neither detect nor report. Also, a VPN uses geo-blocking where the user can log on to overseas premium streaming sites as well as thwart shady pricing practices for the best online travel and shopping deals.

Aditya Sarkar

Aditya Sarkar is a Marketing Manager at LimeTray. When he isn't being a Marketer, he likes solo-travelling, playing all kinds of sports and chilling out with friends! He's reachable at aditya.sarkar@limetray.com