Public Wi-Fi helps us stay connected no matter where we go. It’s convenient to use at a coffee shop, a neighborhood restaurant or the airport, but how safe is it? Unfortunately, cyber criminals can log in to the same free network that you do and attempt to gain access to your devices and personal information.

“The Wi-Fi may be free, but that doesn’t mean your online activities are safe,” says Cheryl Lorei, a senior IT analyst at Erie Insurance who has worked in information security for more than 20 years. “The big concern with public Wi-Fi is that your information could be available to anyone on the network. It’s nothing against the businesses that offer free Wi-Fi, it’s just that they’re not in the business of keeping your personal information safe.”

Here are a few key things that you need know about public Wi-Fi security and how to keep your personal information safe.

1. Watch out for phony Wi-Fi access points. Fake routers are designed to look legitimate, but hackers operate them. With this popular method, called a man-in-the-middle attack, the invader tries to get between you and your personal information that is stored on a banking website or in an email. “These situations can be difficult to detect,” says Lorei. “If you don’t know who is running the network, don’t use it. Always ask the business owner or hotel to verify the network name before you connect to it.”
2. Never automatically connect to a public network. Once you’re finished using one, remove the public Wi-Fi connection from your device by choosing “Forget this Network.” If your device is still in the mode of actively trying to connect, a hacker may notice and create a phony access point.
3. Limit your activity while using public Wi-Fi. When you’re using free Wi-Fi, it’s not a good time to shop online, use social media or access your bank account or email. “You want to avoid visiting websites that save and store your personal passwords or credit card numbers,” says Lorei. “You could inadvertently make it easy for someone to access your personal information. Once they have your password, they will try to reuse it repeatedly to access other sites to gain more information about you.”
4. Use secured websites or a VPN service. Generally, it’s best to access secured websites that begin with https rather than http. The s in the address is an indication that the site uses a secured encryption Web protocol to protect the confidentiality of online activities or transactions. A virtual private network (VPN) also offers a connection that is encrypted and secured. VPN can help protect you from digital eavesdropping even when you’re on public Wi-Fi. The fees for basic VPN services are less than $10 a month.
5. Turn your smartphone into a secure personal hotspot. Most mobile phones can be turned into hotspots and support several devices at once. However, check your data plan before you try it to avoid unexpected expenses. “Personal hotspots are popular alternatives, but you still need to do your research about how to protect and secure the connection,” Lorei says.

Once your identity is stolen, it can be difficult to recover. “Unfortunately, you’re not going to be able to flip a switch to restore everything,” Lorei says. “It’s a smart move to do all you can to protect yourself.”

Insurance coverage is available for identity theft and fraud. With Erie Insurance’s Identity Theft Recovery Coverage, you’ll get help with the recovery process and coverage for expenses like charges for credit reports, lost wages and even some legal fees. The cost of the coverage is low—about $20 a year—and it can be added to a home or renters insurance policy.