Please sign in to post.

How safe is the Wi-Fi

Hi,
We will be away for close to a month traveling throughout Sicily and Rome. I would like to be able to check on my credit card account and bank account "occasionally" to make sure that all is fine.
Safe or not??
Thanks

Posted by
261 posts

You did hear about the recent Equifax breach, did you not? IMO, people should be protesting in the streets, demanding accountability. Some protest is going on, but it's not as loud as it should be. Maybe when more people start losing their identities and suffer that pain, "the people" will feel motivated.

So the real question is, how safe can anyone feel about Wi-Fi anywhere? No one is that safe.

If it's any comfort, I know plenty of Italian businessfolk who do their banking online. I don't personally know an Italian who has had his/her identity stolen. There must be plenty, though.

FWIW, I keep track of every financial transaction when I travel, but I don't check bank accounts online when I travel. I don't keep balances on my credit cards, either. I've never really thought about this issue much, I just never started doing it. But I need to add, I have a trusted financial manager in my life. He has access to almost everything, so I tend not to worry about these things.

Furthermore, U.S. banks are pretty diligent and generous with issues of fraud. No one should get complacent, or worse, lazy. But still, how much worrying is worth the trouble, since internet fraud can happen anywhere?

Posted by
11613 posts

I use wifi for these purposes while I travel. I am sure there is some risk, but I travel for long periods.

Perhaps you can set up notifications/alerts with your credit card company for when the card is used, and with your bank?

The only other alternative I can think of is to call your bank/cc company occasionally to check balances by phone (not the 800-number).

Posted by
351 posts

It is not safe. One way to make it safer is to add a VPN to your smartphone or tablet. You can add a VPN through the App Store. I personally use TunnelBear, however, you can research this as there are a handful of VPN's you can get for around $30/year. It is well worth it for added security.

Posted by
3985 posts

gps, regardless of whether you're in Sicily or your local library at home, never expose personal information like your bank accounts (including credit cards) on public wifi.

If you're truly concerned about your bank accounts while you are away, pack a portable wireless router with you that acts as a private hotspot.

Posted by
1507 posts

As an Italian, I still have to meet an actual person whose online bank account was hacked. On the contrary, fraud with credit and debit cards or ATM machines is much more common (for example, my debit card was cloned in Spain).

A private network protected by password is safer than an open public network; I use public networks only for email, web surfing, social networks and map navigation, but not for money issues.

In theory when the connection is encrypted (i.e. the web address begins with https:// ) it should be safe. If you want to err on the side of safety use a VPN adding another layer of complexity.

Posted by
3514 posts

I have been going to Europe for decades and have used the internet to check bank info ever since there was a way to do so. This included using rented PCs in internet cafes before there was WiFi. I have never had any issues because the sites I connect to are secure and encrypted (the "https://" indicates that). I know of no one who had any bank or credit card info stolen through internet use. Those who have had credit card info stolen I know of (2 people including me) was because they used the physical card somewhere in person and that merchant copied the info. Today, nearly every important web site is secure to start with ("https:") with banking and other credit card sites even more secure. Unless you are taking pictures of your credit card and posting that to Facebook or other similar websites, the chance of anyone stealing your info is about as good as winning the lottery - twice. In other words, nearly zero.

The people who sell VPN software will tell you WiFi is not safe to use unless you use VPN because they want to sell VPN. While I'm not saying there is no risk in using WiFi, it is a very small risk. Most of the studies showing the risk of using public WiFi are using data from the early days of the internet when secure web sites were rare. While VPN can increase your security, it only helps a little unless you have a VPN to the destination website you are connecting to, and none of the VPN options available out there today do that unless you work for that company you are connecting and they provided it to you.

And Equifax had nothing to do with WiFi security so not sure why that was mentioned. Someone at Equinox left in the default user ID and password in place on some of their servers and the crooks guessed correctly.

Posted by
37 posts

Every time you open or check your email on trips and if there is valuable information on those emails, are they exposed?? I think everyone checks their emails on trips and there is always some valuable information to "someone" in those emails but there is a limit to what you can't or should not do while traveling. I can understand the concerns about checking bank accounts and credit card while overseas but I think not being able to check emails is going a little too far.
I guess you can wipe off any important emails from your account before you leave on trips and knowing you may have to use Wi-Fi connections that may be questionable but that seems like a pain also.
Thanks for all your comments.

Posted by
4730 posts

I've been using computers since the early eighties. My feeling is that any term related to computers that contains the word "secrurity" is an oxymoron. If anyone is smart enough to make it "secure", there is someone somewhere just a little bit smarter that can get into it. Just food for thought.

Posted by
1507 posts

In my humble and personal opinion, first stage of computer security while traveling is making sure that all your important personal informations on your devices is duly encrypted. For example, all financial data - including bank account numbers and password - on my pc are stored in encrypted files protected by long passwords - and the passwords are committed to my memory and nowhere written out.

At present I consider more likely that somebody physically steals my pc and then scans the hard disk for bank account passwords and credit card numbers than having somebody scanning wifi channels to look for the same info.

Posted by
15043 posts

Public wifi hotspots are less safe than private password protected wifi. If you are in a hotel that requires password to access it will be safer.

Posted by
5687 posts

I would not be worried anymore about checking bank websites on public WiFi.

The biggest risk from using unsecured public WiFi used to be that hackers could easily monitor traffic with cheap equipment.

But that was before most websites switched to SSL encryption (https). With that type of encryption, all hackers monitoring public WiFi see is gibberish. With SSL, encryption is done between your web browser and the website you are communicating with. The WiFi hotspot itself (which, if secured with a password, is also encrypting the data, a second time) could itself be compromised, but again, SSL encrypts the data anyway.

SSL has been hacked before - but you are just as vulnerable to such hacks on public WiFi in Italy as you are sitting in the comfort of your own home using your home internet.

A few websites are still not SSL encrypted (even this Rick Steves forum page is SSL encrypted - look at the top left of our browser window for the "https" in the address), so those would be vulnerable on public WiFi - but surely any bank website or important website you use now where you access sensitive information is SSL. For those websites, I wouldn't be worried at all.

The Equifax hack happened to millions of people who have never used public WiFi.

Posted by
3985 posts

Every time you open or check your email on trips and if there is
valuable information on those emails, are they exposed?? I think
everyone checks their emails on trips and there is always some
valuable information to "someone" in those emails but there is a limit
to what you can't or should not do while traveling. I can understand
the concerns about checking bank accounts and credit card while
overseas but I think not being able to check emails is going a little
too far.

YES, everything is exposed on public wifi. Does that mean that I don't use wifi when I travel? Of course not.

I use public wifi all the time even when I'm walking to/from my office in NYC. 3rd Ave has free wifi as it's on the LinkNYC public wifi platform. Whether on the pubic wifi of LinkNYC, the New York Public Library, airports or any place in the world, I do not go to websites involving my credit cards or bank accounts. Any and all of my work product is on my company secured network whether in my office or when I'm on the road. On public wifi, I do go on social media like Facebook, Flyertalk, Instagram, Rick Steves forums, etc as I assume that anything in social media can be seen by anybody.

Posted by
11247 posts

As long as the network is password protected and IN YOUR HOTEL (or B&B or whatever) you are probably safe. Make sure Windows Defender is working (if you use windows), have a malware program and an antivirus running that update automatically. That VPN can be an extra layer of protection and also may let you stream some entertainment if you like. We have never (fingers crossed!) had a problem as a result of online activity in Europe.

Posted by
3514 posts

"Every time you open or check your email on trips and if there is valuable information on those emails, are they exposed??"

Depends.

What email are you using? Some use SSL encryption for the info between you and the email server. If you have an email system that does that, you should not worry.

Posted by
13 posts

All advice above is good. One other thought - will you have mobile cellular data on your smartphone or cellular-enabled tablet (if you have one) while you travel? If so, download your banking and credit card apps before you go, and when you want to check them, turn off your phone wifi and connect to cellular data. Checking these from an app, on cellular, will use a miniscule amount of data, and should load quickly even if your connection is slow.

While no network in the world is 100% secure, cellular networks from big wireless companies are much safer than random free Wifi.

The average low-life hacker in a hotel lobby, airport, or train station can easily and cheaply broadcast a "FREE WIFI" signal to tempt people and monitor/steal their data traffic. This requires $50 of off-the-shelf equipment

It is much more expensive, difficult, and implausible for them to create a fake cellular network, or be able to decrypt cellular data in transit. (Think of it this way, if you're being surveilled by someone with those advanced capabilities - say, the CIA or Dr. Evil's SPECTRE, then you've got bigger problems than whether or not you're using their Wifi).

Posted by
5687 posts

Kaeleku:

I got a multi-year subscription to NordVpn, which works on my phone and laptop.

How do you know NordVpn is safe? If Equifax has been hacked, why not NordVpn? That would seem to be a rich target for hackers, going after people who might be lulled into a false sense of security.

The risk that a service like NordVpn has been hacked is low, perhaps - but so is the risk of using public WiFi and SSL websites. Relatively speaking, how much risk are you prepared to accept? Is a 0.1% chance of being hacked acceptable or does it need to be 0.05%? You'll never be at zero risk. Where do you draw the line, and how does anyone really know their level of risk using various services?

(I use my own VPN that I setup at home - also not zero risk, but I'm also not an obvious target like those VPN services that hackers have surely attempted to break into. )

I really wouldn't worry about the risk of checking a credit card website that is surely SSL encrypted from public WiFi in Italy.

Posted by
7181 posts

Would someone please explain why a bank transaction that is encrypted (https:) by a major browser is unsafe on public WiFi? I don't need alarmist, non-technical shibboleths about imaginary evil threats. I'd like the facts,please.

Posted by
3514 posts

Tim,

A banking transaction that is done over an HTTPS:// link is safe. That is it. There is more chance that someone will be looking over your shoulder and sees what you type in than anyone snooping your connection and getting anything useable that way.

At the beginning of the internet, the logon process was not necessarily encrypted so your ID and password could have been sent in the clear while establishing the secure connection meaning someone snooping on the connection might have been able to see and capture that info. That changed decades ago and now the entire banking interface is encrypted from the moment you open the bank's web page. SSL encryption, one of the options used to generate the HTTPS connection, has been compromised but don't worry because the banks have all moved to TLS encryption which, so far, remains intact. Unless you are running a very old web browser on a very old operating system for your computer you will be fine because TLS is built in to every browser capable of doing secure internet web pages. Most of the larger banks in the US won't even talk to you on SSL pages anymore.

Posted by
5687 posts

Tim:

Would someone please explain why a bank transaction that is encrypted (https:) by a major browser is unsafe on public WiFi? I don't need alarmist, non-technical shibboleths about imaginary evil threats. I'd like the facts,please.

It should be as safe as doing it at home. But, even SSL isn't 100% unhackable. Nothing is. One piece of intelligence Edward Snowden gave up after he fled the US was that the NSA had figured out how to tap into SSL transactions at one end before encryption. The NSA program was known as "Bullrun," I believe, if you wish to read more about it.

If the NSA can do it, hackers probably could too to some degree. So, I wouldn't particularly worry about it happening on public WiFi more than anywhere else.

Posted by
1878 posts

I would not do it over public Wi-Fi (sources of connectivity without a password), but presumably your financial service provider sites encrypt at the application layer (https:), so you should be safe enough. There are no absolutes in IT security, whoever said that is correct. It's all about the trade-offs between convenience and safety. It certainly is way better than the days of internet cafes when you never knew whether the PCs had up-to-date anti-malware or had key logging software tracking your every keystroke.

Posted by
1829 posts

I noticed a trend while traveling to Europe this summer which was different than last year.
All of the hotels and many restaurants and other locations had Free Wifi, all with NO Passwords!

I am not sure why, some even had instructions on connecting to the Wifi which did not seem old but were outdated since they had passwords, so the no password thing seems new!
I would definitely not enter any financial info of Free Wifi with no password.
Over a cell connection would be safer.

Posted by
7181 posts

Thanks very much for those helpful replies about https://. American banks are so terrified of breaches that I feel confident that they use the highest level of available encryption algorithms. Even on the US I have a big problem with two-factor login because I have a pay as you go cellphone, and rarely pay for a day on it.