Folow us
Youtube
Twitter
Menu
We may earn affiliate commissions for the recommended products. Learn more

VPNproExpert insights

The Dangers of Unencrypted Internet Traffic And How to Protect Yourself

Last updated Apr 1, 2025 at 11AM ET
Justė Kairytė - Barkauskienė
Justė Kairytė - Barkauskienė, Senior Tech Copywriter
Risks of unencrypted internet traffic

The dangers attributed to using unencrypted traffic are rising exponentially with the spread of publicly available Wi-Fi connections you can find at every coffee shop, train station, airport, and even your barber’s. And I bet you’ve used such a public connection at least once without considering its dangers.

The very phrase – public Wi-Fi – means an unencrypted network connection available to everyone. As you might well know, not everyone comes with good intentions, and the same as this public connection is available to you, it’s also available to malicious actors. Thus, very unknowingly, millions expose their sensitive information, like passwords, payment details, and even personal messages, every day without realizing how easy it is to intercept. The reality is that if your internet connection is unencrypted, your data travels through the web like a shopping list dropped on the mall floor - visible to anyone smart enough to look.

So, let’s explore the dangers of unencrypted internet traffic and what measures you can take to stop oversharing your sensitive information online.

The biggest dangers of unencrypted Internet traffic

An unsecured network, which is most often a public Wi-Fi, lacks basic security measures like encryptions or password protection. This makes such a connection vulnerable to unauthorized access and data breaches. And, if you think being watched while connected to an unsecured network is the biggest danger, think again. The hazards are much more grave as you’re putting your information at risk of data and credential theft, unauthorized access to sensitive personal data such as login details and financial data, and even malware infections. Because public Wi-Fi connections or any other unencrypted connections can be easily intercepted, the users – namely, you – become highly vulnerable to Man-in-the-Middle (MITM) attacks, among other cyber threats. Let’s take a deeper look at the dangers stemming from unencrypted traffic:

1. Public Wi-Fi attacks

Hackers can easily exploit the unencrypted traffic of a public Wi-Fi network by intercepting the data transmitted between your device and the network. These Man-in-the-Middle attacks can be achieved using packet sniffing tools to capture data (similar to the infamous Firesheep browser extension for Firefox) like credit card details, passwords, and messages. Alternatively, cybercriminals can set up rogue hotspots, also aptly known as Evil Twin attacks, to trick you into connecting and sharing your details willingly but unknowingly.

2. ISP tracking

Your Internet Service Provider, or ISP for short, is not as innocent as it may look. In fact, ISPs can read your network activities as an open book, and ISP employees have lawful access to the stuff you do online. Now, what they can do with your data highly depends on the country. However, even in places like Europe, where strict GDPR rules apply, the employees themselves can still see what you’re up to online. In worst-case scenarios, ISPs can collect your data and supply the government with it or even sell your data to third-party advertisers and make money out of it. That is, if you rely on unencrypted network connections, transferring your data through the net visibly to everyone curious enough.

The easiest way to tell if your activities are monitored by your ISP is bandwidth throttling (or slowing down of your connection) and unexpected blocking or access denial to pages you previously could freely visit.

3. Man-in-the-Middle attacks

MITM attacks are a good example of cyber espionage. In these attacks, the malicious actor intercepts and relays communications between two parties (you and a website’s server, for example). All the while, the two parties have no idea their line of communication has been intercepted. Once the attacker has established themselves as the middleman, they can see both the request and the response, which allows them to alter the communication, inject it with malicious content, or simply eavesdrop.

While there aren’t any huge red flags, you’d immediately see if, under an MITM attack, suspicious HTTPS warnings about SSL/TLS certificate validity may be giveaways of interrupted traffic. Additionally, if your usual websites start redirecting you to suspicious sites or start acting in an unusual way, this should also raise suspicion of an MITM attack.

4. IP and location tracking

Usurping an unencrypted Wi-Fi connection is a piece of cake for a hacker. I won’t explain how it can be done for certain reasons, but once they have administrative access to a network, malicious actors can monitor incoming and outgoing traffic to identify the IP addresses of devices on the network. In its own right, an IP address can give information about your general geo location, internet service provider, general browsing data, and even concrete information about the device you’re using. Sounds unrealistic? You can always verify this by heading to ipleak.net and checking your own IP address to see how many other details are revealed just from it.

If you start seeing unusual ads, experience frequent unexpected logins, or changes in your geolocation, it may indicate your IP address is being tracked.

5. Scam websites and phishing

Every legitimate website has an SSL (Secure Sockets Layer) certificate. In a nutshell, such certificates are used to authenticate a website’s authenticity and enable an encrypted connection between your browser and the website. Sites that have the SSL certificate can always be identified by the ‘https://’ prefix in the domain name, while sites without it have the ‘http://’ prefix. Now, here’s what hackers do in this situation: they can get fake SSL certificates to trick you into thinking the website’s safe, and once you enter any of your data into such a page, it falls straight into the bad actor’s lap. One thing you can do here is to never enter your details in the ‘http://’ prefix sites and if you have a sneaking suspicion that a ‘https://’ site might also be unsafe, your only salvation is a VPN to encrypt your traffic and make it imperceptible to onlookers.

Scam websites can usually be told apart from their too-good-to-be offers, poor website design and broken links, aggressive pop-ups, requests for sensitive information, and suspicious URLs ending at TLD like .xyz or .club, among other things.

6. Government surveillance and censorship

Governments around the world can choose to monitor and control citizens’ online activities legally. Sadly, though, it’s not necessarily done to increase the overall security of the citizens themselves but rather to suppress dissent, maintain control, and restrict access to information. Imagine this as if you are constantly being watched by Big Brother every moment you spend online. The most notorious countries for government surveillance are China, Russia, Iran, and Vietnam (just to name a few). Still, even European countries and the US can legally track their citizens’ network doings. The funny thing is that a lot of people are unaware that using incognito mode does not protect your ISP or your online activities, and the government and hackers can still see what you're doing online. To protect yourself from this, you’ll need bigger guns. I’ll get to them shortly, so keep on reading.

Is it safe to use public Wi-Fi?

In short – no, it is not safe to use public Wi-Fi. As you already know, most public Wi-Fis you can find at airports, cafes, and malls lack encryption. Without proper network encryption, everything you do online becomes visible to anyone curious enough to look. For instance, Statista found that public Wi-Fi was a common source of data breaches, according to adults in the United States, as of February 2023, including in spaces like cafes and restaurants, airports, hotels, libraries, and schools. So, even though a library network connection might seem inherently safe, it’s the opposite.

On the other hand, more and more sites use website encryption. I’ve talked a little bit about it before, with the safe websites being marked, with the padlock icon, and having the ‘https://’ prefix. The idea behind it is that although the network connection might not be encrypted, the connection you establish with such a site will be secure nonetheless. Yet, there’s still one caveat with that, too – fake certificates and malicious sites that try to recreate the look of the legitimate ‘https://’ sites.

In the end, you might find contradicting statistics on public Wi-Fi safety. Some will deem it completely unsafe, while others will consider it safe enough to use. However, luck runs out, but safety is good for life, as the old adage goes. So, if you have to use a public connection, make sure you have the necessary tools to protect your data.

The best ways to protect your Internet traffic

The answer is simple – using a Virtual Private Network, or VPN for short, is the best way to encrypt and protect your online data. VPNs are not new in the cybersecurity world and have been in use since the early ‘90s. However, these days, with actual threats looming at every container of the internet, VPNs have become widely popular due to their security benefits. In the end, a VPN can encrypt your network traffic, making it imperceptible to any onlookers, including government officials, and transfer your data through the network via a safe pathway called a tunneling protocol. Additionally, VPNs can hide your real IP address and provide you with a new one to keep your identity secure.

Naturally, with so many VPNs on the market, it might be a bit difficult to find the best one for you, so I’ll share my own top 3 VPNs for online safety below. With so many VPN providers available, it can be tough to figure out which one truly protects your privacy and security. Some VPNs lack strong encryption, while others might log your data despite claiming otherwise. That’s why I’ve tested and picked my top three VPNs based on strict security features, verified no-logs policies, and additional privacy perks.

NordVPN

NordVPN is my top overall choice for everyday online security due to many reasons. First off, the well-designed apps are very easy to use, even if you’ve never used a VPN before. Plus, it offers the latest security technology to safeguard all your network activities.

While I could write an essay about this VPN benefits, I’ll highlight just the key factors why I think it’s the best choice for online security:

  • Encrypts your data with AES-256 encryption, which is widely recognized as the most secure choice to date.
  • It offers NordLynx proprietary tunneling protocol, which both creates an incredibly robust pathway for your data and transfers it at lightning speed.
  • The Threat Protection feature that comes with this powerhouse VPN can block phishing sites, malware, and annoying popups.
  • It hides your IP address and secures your network activities from ISP and government surveillance.
  • Lastly, it even has Dark Web monitoring that alerts you if your credentials are leaked online.

And that’s just the tip of the iceberg when it comes to NordVPN features. However, even that’s enough for it to be my all-time favorite VPN.

Surfshark

Surfshark is also a perfect choice for keeping your online activities secure. I especially like that you can pair it with the Surfshark Antivirus software for a well-rounded cybersecurity approach. It would also be a great selection for families, as one subscription covers unlimited connections.

Same with NordVPN, I could talk for hours about Surfshark’s benefits, but instead, I’ll highlight its key aspects:

  • Robust security ground base with AES-256 encryption, WireGuard tunneling protocol, and a kill switch. All these features are meant to encrypt your traffic, deliver it from point A to B safely, and ensure your IP address never becomes compromised.
  • Unlimited simultaneous connections. As I mentioned, this might be a great choice for families or those using many devices.
  • Camouflage Mode, available on Surfshark, can hide the fact you’re using a VPN. This is excellent if you’d like to use a VPN in countries where its usage is restricted.
  • The CleanWeb feature will remove trackers, ads, and malicious sites, making your browsing safer and less cluttered with ads.
  • Surfshark VPN pairs well with the Surfshark antivirus software for extra protection. With it, you’ll get malware scans, real-time protection, and even webcam protection features.

In the end, I think you’ll like it if you’re looking for a well-rounded yet easy-to-use cybersecurity solution.

Proton VPN

This Swiss-based VPN is an ideal choice for complete anonymity. Switzerland has some of the world’s strongest privacy laws, and the provider itself undergoes a no-logs policy verification at least once a year. This means that none of your data can ever be tracked or logged.

Same as with my other VPN choices, Proton VPN deserves an article of its own, but key highlights will have to suffice for now:

  • Yearly audits of no-logs policy. This is the most often audited VPN on the market, so if privacy is your priority, go with Proton.
  • It offers various additional features, including Tor over VPN. This means you can use both a Tor browser and a VPN, leaving no room for spying or data leaks.
  • Like my other choices, Proton VPN also offers additional features to eliminate trackers and block ads.
  • If you’re on a tight budget, you can use the Proton VPN free version. It has some limitations, but overall, it is an excellent alternative to potentially unsafe free VPNs.
  • Lastly, Proton has Secure Core servers. Such servers re-route your traffic twice, with the middle server always based in privacy-respecting countries like Iceland or Switzerland.

Even though Proton VPN might sound like some spaceship of a VPN, it actually comes with a very user-friendly interface, and I doubt you’ll have any issues using it.

How to use public Wi-Fi safely

Besides always using a VPN to encrypt my traffic, I also rely on several other key principles to keep my network activities private. I won’t gatekeep them, so you could use them too to enhance your overall security online:

  • Trust HTTPS only. Look for the prefix and the padlock symbol before entering any of your details on a website. Better yet, click on the padlock symbol and check if the site’s SSL certificate is valid.
  • Disable ad tracking and location services on apps. Yes, sharing your location with the Garmin smartwatch app might not pose any actual threats, but does your local grocery market really need this info? Beware of apps that might be collecting unnecessary data, and disable ad tracking and location services if you do not actually need them.
  • Encrypt your messages. Standard SMS messages are easy targets for hackers. If you’d rather keep your conversations truly private, consider apps like WhatsApp and Telegram that provide message encryption.
  • Turn off auto-connect for public Wi-Fi. This will prevent your device from automatically connecting to risky networks. After all, home is where the Wi-Fi is, and I suppose you don’t live in a coffee shop.
  • Use secure search engines. I think you might be fully aware that Google collects your data – copious amounts of it, to be precise. If you’d rather it didn’t, I recommend using solutions like Surfshark Search or looking into Google alternatives like DuckDuckGo.

Having all that in mind, I still strongly recommend using a VPN to secure your unsecured connections. Whether you’re using public Wi-Fi or your home connection, without a VPN, your online activities are primed for exploitation.

Common questions about public Wi-Fi security

Many people have misconceptions about using public Wi-Fi, and this is reflected in the most frequently asked questions. Here, I’ll try to answer some of them; hopefully, this will clarify things for you.

What are the risks of using public Wi-Fi?

The biggest risk of using public Wi-Fi is Man-in-the-Middle attacks. During such an attack, a malicious actor inserts themselves in the middle of your network connection between you and any website you visit. Once they establish the position, they can intercept and alter your traffic. The worst part is that they can see and glean the sensitive data you share on the network, which might result in data leaks, identity theft, and even financial fraud.

How can I protect myself on public Wi-Fi?

The most foolproof way to protect yourself on public connection is to use a VPN service. A VPN encrypts your traffic turning it into imperceptible gibberish to anyone looking and delivers your data to its endpoint on a secure, impenetrable pathway. Thus, a reliable VPN is the best you can do to protect yourself on public connections.

Is using public Wi-Fi dangerous?

Yes, using public Wi-Fi is dangerous. First off, most public networks are unencrypted and the data flowing through them is clearly visible to any onlooker. Additionally, even though you’d only use encrypted and secure ‘https://’ websites, they may still be fake and set up by malicious actors. So, overall, if you need to use a public connection, make sure you protect your data with a VPN.

Can hackers see my data on public Wi-Fi?

Yes, hackers can see your data on public Wi-Fi using several techniques, like packet sniffing, MITM attacks, and rogue access points. This is possible because public connections are almost always unencrypted.

What should I avoid doing on public Wi-Fi?

Avoid entering personal data or performing financial transactions while connected to a public Wi-Fi network. Casual browsing might not be as dangerous, but even then, malicious actors can figure out your IP address and associate it with some of your personal information. As always, I advise using a VPN to encrypt your traffic while on public Wi-Fi and protect your sensitive data from the dangers of public network connections.

How can I tell if a public Wi-Fi connection is safe?

You can do several things to verify if the connection is safe:

  • First, check its authenticity by verifying the network’s name and the establishment to which it belongs.
  • Check if the connection requires a password and utilizes encryption protocols like WPA2 or WPA3. To do this, click on the Wi-Fi taskbar icon, head to Network & Internet Settings, open Wi-Fi, and click on Hardware Properties. There, look into the Security Type field and see if it mentions WPA2 or WPA3.
  • Inspect for unusual network behavior – if your connection keeps dropping, is very slow, or you encounter a lot of unexpected pop-ups, it might be a sign of a compromised network.

Are there apps to enhance public Wi-Fi security?

Yes, VPN (Virtual Private Network) apps can greatly enhance public Wi-Fi security. A VPN encrypts your traffic, making it imperceptible to malicious actors, the government, or ISPs. Additionally, exceptional VPNs block trackers and malicious websites from reaching you.

Conclusion

Online privacy is no longer a given. With cyber threats getting more elaborate and cybercrime on the rise, protecting your data, identity, and information online is necessary. Additionally, hackers, ISPs, advertisers, and even the government can easily track and profit from your online activities, especially when connected to a public, unencrypted Wi-Fi network.

Luckily, you can secure your network activities and data by employing several techniques. I recommend relying on the encryption a VPN provides, secure browsing habits, and privacy-focused tools, including ad blockers. While all of this might sound like a job for an IT professional, you can easily use these tools to protect your online identity and network activities.

avatar
Justė Kairytė - Barkauskienė

Senior Tech Copywriter

My name is Justė, and I’ve joined the VPNpro team as a senior copywriter to share my expertise in VPNs and antivirus software. My goal is to provide the readers with clear information about cybersecurity, digital privacy, and the best solutions to achieve that. I’ve been writing professionally since 2018 on topics ranging from casual reading a Bored Panda to FinTech news, cryptocurrency solutions, loyalty program creation and implementation, and, lately, my favorite topics – VPNs and antivirus software. With the VPNpro team, we’ve tested hundreds of cybersecurity solutions, thousands of features, and probably millions of functionalities and, with the help of my writing expertise, continue to deliver straightforward solutions to everyday and complex security challenges. In my spare time, I train horses, walk the dog, explore the countryside, and work out like mad.

default-avatar.

Your email address will not be published.   Required fields are marked *

Jump to section:
Thanks for your opinion!
Jump to section