Leaving your phone’s Wi-Fi on all the time is a huge risk, experts warn
Most people think they’ll be safe from most cyber security threats as long as they pay attention and follow certain rules, like knowing how to spot phishing messages and not downloading unusual apps. But attackers can gain access to your phone even if you do everything right.
French cyber security authority CERT-FR recently published a “Threat Landscape Since 2025” report (PDF) that warns of security vulnerabilities that can be found in ALL modern smartphones. Wi-Fi and mobile networks in particular can harbor unimaginable dangers.
These kinds of Wi-Fi-related risks aren’t new. Australian authorities were warning against using Wi-Fi on phones as early as 2024, and CISA (Cybersecurity and Infrastructure Security Agency) recommends switching off Wi-Fi when traveling. So what’s new here? What do you need to know? Read on below.
Why is Wi-Fi dangerous when traveling?
According to CERT-FR, smartphone users on public Wi-Fi networks are extra vulnerable to “man-in-the-middle” (MITM) attacks. Hackers can secretly get between you and the Wi-Fi access point, allowing them to eavesdrop and intercept your data. This is common on unsecured networks, like those found in cafés, restaurants, etc.
CERT-FR mentions the “Evil Twin” method, which attackers use to create their own Wi-Fi access points that are disguised as legitimate networks. Anyone who connects to an “Evil Twin” network will think they’re connecting to a proper (and supposedly secure) network, but will end up catching malware and completely losing access to their device.
The use of outdated mobile networks (like 2G) also poses a major risk. These older networks typically have unpatched security flaws and mechanisms, making them easier to crack than newer networks (like 5G).
How to protect yourself
The easiest way to protect yourself from malware, eavesdroppers, data intercepters, and other malicious attacks while traveling is to completely turn off Wi-Fi and Bluetooth. Of course, this isn’t sustainable 100% of the time since you can’t go completely without them in the modern era. But whenever possible, disable those features and only re-enable them temporarily when you absolutely need them.
On Android devices, you can prevent your device from connecting to Wi-Fi networks by pulling down the quick access menu and tapping the Wi-Fi icon. This is also possible on iPhones, but it’s better to deactivate Wi-Fi via the settings to switch off the feature completely (otherwise some services, like AirDrop, can still access it).
You should also avoid connecting to public Wi-Fi networks, as these are more likely to be unsecured and tend to attract malicious attackers. And never connect to Wi-Fi networks you don’t recognize, even if they appear legitimate, inconspicuous, and secure. To be extra safe, you should also turn off automatic Wi-Fi connections.
CERT-FR also warns against using NFC connections when they aren’t immediately needed. You can recognize whether NFC is enabled or disabled by the “N” symbol on your device.
Alternatively, you can use airplane mode to be protected against all wireless connections. However, you won’t receive any messages, calls, or data while airplane mode is enabled, which is admittedly a huge drawback to using it.
Last but not least, you should also consider using a reliable antivirus app on your mobile phone. This will be the last line of defense in case you ever slip up and catch malware out in the wild.