Most Airbnb users book stays with no major issues. But staying in a stranger’s house means you inevitably make yourself vulnerable to some risks, some of which have included scams, hidden cameras and discrimination. It can be hard to let your guard down while renting an Airbnb ― and you shouldn’t, even if everything seems to check out.
That’s because there could be another danger lurking in your rental that’s harder to detect: the Wi-Fi.
Beware The Wi-Fi
You probably know to use extra caution when using public Wi-Fi networks such as those at your local coffee shop or the airport. Even when a password is required to access the network, you’re at risk of a number of different kinds of attacks, according to Jason Glassberg, an “ethical hacker” and co-founder of Casaba Security.
A common one, he said, is the “evil twin” attack, which involves setting up a fraudulent Wi-Fi access point that looks legitimate. Users enter their credentials to log on or are directed to a malicious site that looks like the one they intended to visit but is actually secretly capturing their information. Similarly, a “man in the middle” attack allows hackers to essentially eavesdrop on web traffic and gain access to sensitive information the users believe is being shared privately.
“The same worries and warnings you would give someone about using public Wi-Fi should really be the same when you’re going into an Airbnb, because someone can set up the very same infrastructure in the rental property,” Glassberg said.
It doesn’t take an ill-willed host for this to happen, either. Often, it’s past guests who have compromised the Wi-Fi. Unlike at your local coffee shop, a router in an Airbnb is often left out in a common space with no supervision, allowing anyone who stays there to tamper with it.
Hacking a Wi-Fi router can be as easy as using a paperclip to reset it and gain admin control. From there, scammers can review the router’s backup file for the credentials it’s stored, or reroute traffic to a personal computer where they can collect valuable data months or years later.
Watch Out For Smart Devices Too
The Wi-Fi router isn’t the only way hackers can steal your data. There are a variety of devices often found in an Airbnb that can appear to be an added convenience but are really there to capture your information.
For instance, Glassberg said a host might leave a tablet or desktop available to guests so they can check email or catch up on Facebook. Maybe there’s a smart TV that allows you to log into your favorite streaming service. All of these devices can be used to harvest user credentials with a simple key logger.
One of the big problems Glassberg says he sees with people’s online habits is password reuse. People will use the same password for their Amazon account, Gmail, Netflix, etc. “The thing to remember is that these smart TVs are really computers stuffed in the back of a television,” Glassberg said. “They have things like video cameras, and they have online conveniences like Netflix. So if I can capture one set of credentials, there’s a very good possibility that I could reuse them somewhere else,” he explained.
Even an item as innocuous as a shared printer can pose a threat. “In the same way you think you’re connecting to a website, you can think you’re connecting to this printer, but it’s actually a rogue device,” Glassberg said. Scammers can also hack into the printer to view documents that have been sent to it or even install malware that lets them control it remotely. “It’s not a very common attack, but it is a risk,” Glassberg said.
Unfortunately, opting for a regular hotel won’t eliminate the risk. Though major hotels will likely have more security features in place, that’s not always the case, and similar concerns about using Airbnb Wi-Fi networks apply to hotels too.
For example, Glassberg was recently traveling overseas and noticed that his hotel used Cisco equipment. On a lark, he decided to see if he could gain access to the network. “I logged in with the old ‘admin’ ‘admin’ credentials and what do you know? Default password,” he said.
Further, hotels present a much wider net for hackers to collect information. “At a hotel, [scammers] may have a greater level of success because there are a lot more guests,” Glassberg said. “The payoff also is potentially higher, because more guests mean more people entering credit cards, etc.”
How To Protect Yourself Against Wi-Fi Security Threats
So does this mean you should cancel your summer travel plans and forget about lodging? Not at all. There are a few easy things you can do to protect your sensitive information while using Wi-Fi.
First, keeping your devices and computer up to date with the latest patches and software is the most important thing you can do securitywise, Glassberg said, whether you’re logging into your own network or somebody else’s.
If you do need to use the Wi-Fi, consider going through a virtual private network (VPN). “It’s a very simple thing to do nowadays,” Glassberg said. In fact, there are several services available online for a few dollars a month.
Another option is to use your phone as a hot spot, which creates a secure Wi-Fi network you can log onto with your laptop or other device. “It was very expensive years ago, but now, it’s part of just about everyone’s package,” Glassberg said.
Use Your Best Judgment
It’s unlikely that you’ll get hacked using your Airbnb’s Wi-Fi, but it’s always a possibility. So be safe rather than sorry, and avoid visiting particularly sensitive websites or performing financial transactions on an unknown network. For example, you’re probably fine checking the news, but don’t log into your bank account or PayPal a friend.
“At the end of the day, any infrastructure that’s not your own should be treated with a great deal of suspicion,” Glassberg said.