The Hidden Dangers Of Using In-Flight WiFi

Whether you're expecting an important email or want to stay on top of your social media feed, the allure of in-flight Wi-Fi is certainly there. Though in-flight Wi-Fi has been around for a while now, airlines are updating their policies so passengers can enjoy free Wi-Fi while they fly as a way to maintain and grow their customer base. But being tens of thousands of feet in the air doesn't protect you from the risks associated with connecting to public Wi-Fi hotspots.

In 2024, the Australian Federal Police charged a man for stealing personal information during the flight through what is called an "evil twin" cyberattack, wherein a malicious third party creates a fake Wi-Fi network with an official-sounding name. Users who connect to these networks will often be led to a phishing site where they'll be asked to enter their email and password or log in through one of their social media accounts. Meanwhile, any entered data is intercepted, copied, and stored on a third-party device. 

Though the above-mentioned case is the only one that's been reported, travelers should be aware that it is possible and read up on how to protect their data and personal information. Though it can't be said for sure that cyberattacks are common aboard planes yet, they are increasingly common in airports, train stations, cafes, and even hotels — basically, anywhere you might expect people to linger for a couple of hours.

Let's say you want to connect to the in-flight Wi-Fi. How can you be sure that the network you see is the official one? Quickly skimming the list on your phone or computer will not suffice. It's crucial to double-check the network name. Fake networks will be formatted to look just like the real thing, so look for official airline documentation on board to confirm which network is safest to use. Brochures promoting the aircraft's Wi-Fi service, for example, may have the network name printed and specific instructions on how to connect. Some airlines will also have information stickers with QR codes leading you to an official landing page with more details.  

Pay close attention to any suspicious actions required from the network after you've connected your device. Most in-flight networks should not request any information to be entered to connect to the Wi-Fi; if you see a log-in screen asking for your email address or social media details, you should be wary. Some networks may ask you to register your email address, where they'll send a confirmation to complete your connection. This can feel a bit odd, but this type of connection should never require a password. It's a good idea to use secondary email addresses in these cases or emails that are not connected to important personal accounts. When in doubt, it's best to ask the flight attendant for the official Wi-Fi network and details.

How do you protect yourself from potential cyberattacks while you're flying to and fro? General public Wi-Fi safety tips apply to in-flight Wi-Fi too. The rule of thumb is to avoid logging into your bank accounts or any other website that could provide access to your financial information. Be sure to avoid online purchases and money transfers, since they would expose your credit card information to potential hackers. 

If you need access to the in-flight Wi-Fi for any reason, consider using a virtual private network (VPN) to keep your data safe. VPNs are not impossible to bypass, but they will make it significantly harder for hackers to steal your data. You can also take the extra step of turning off network discovery so your device isn't seen by malicious users.

In general, you'll also want to disable auto-connect on your phone so as not to accidentally hop on in-flight Wi-Fi, especially if you have no plans of using it. If you do use the available in-flight Wi-Fi, remember to head into your device's Wi-Fi settings and forget the network after using it. This will ensure you completely disconnect your device from the network and keep any hackers at bay. Ultimately, though, the only way to be certain your information is safe is to not use the in-flight Wi-Fi.

Cyberattacks are not uncommon in airports. Well before you board your flight, take the security measures mentioned above to protect your device and personal information, and keep in mind other ways hackers may steal your data, such as "juice jacking." Juice jacking happens when hackers install malware in USB charging ports. Anybody who then plugs in their phone or computer to recharge before their flight is at risk. This is an alarming reason you should avoid logging into your accounts on airport Wi-Fi, in particular, any sites that have access to your financial information, as above. 

Sea travel isn't any safer than air travel. The best way to protect your data on a cruise ship is to practice a similar kind of caution. Instead of a VPN, some seasoned cruise passengers recommended putting a bit of budget into purchasing cellular data for the duration of your trip. For a better price point, check to see if your mobile carrier offers a cruise package with daily rates for texts and limited or unlimited data usage.