Most of us do it without thinking. You land at a major airport, your phone buzzes, the battery icon turns orange, and within seconds you’re hunting for a free Wi-Fi connection. It feels completely harmless. Everyone does it. Your gate neighbors are doing it. The woman two seats down just logged into her bank app.
Here’s the uncomfortable truth: that reflexive move to connect could cost you your identity, your savings, and your company’s most sensitive data. Cybersecurity researchers have been raising alarms about airport Wi-Fi for years, and the situation is not improving. In fact, recent data from 2024 and 2025 shows it’s getting worse. Let’s dive in.
The Shocking Scale of the Problem Nobody Talks About
A 2023 Forbes Advisor survey found that roughly two in every five travelers had their security compromised while using public Wi-Fi. That’s not a minor glitch. That’s a near-majority of everyone sitting at gates around you, scrolling through their devices. A 2025 Panda Security survey found that more than a third of Americans at least suspect they had a security incident after using public Wi-Fi, with roughly one in five being certain they did.
Over five million public unsecured global Wi-Fi networks were identified since the beginning of 2025, with roughly one in three users connecting to public unsecured networks. Think about what that means. Millions of open doors, and millions of people walking right through them. Aging tech, more advanced hacking methods, and numerous points of electronic vulnerability have led to a reported 600 percent increase in cyberattacks across the aviation sector from 2024 to 2025 alone.
Airport No. 1: San Diego International Airport – The Most Dangerous in America
Based on analysis by cybersecurity firm Coronet, San Diego International Airport topped the list of risky airports, earning a maximum threat index score of 10. That is the worst possible score. No other airport in the 45 studied came close. Coronet’s data revealed that hackers at San Diego set up an “evil twin” hotspot with the name “#SANfreewifi” to trick users into connecting, which gave them access to all files that victims downloaded or uploaded while connected.
Researchers found that the fake “#SANfreewifi” access point was used to carry out an Address Resolution Protocol (ARP) Poisoning Attack, which enables hackers to eavesdrop on transmitted data, breach sensitive information, and steal passwords. It sounds technical, but the result is brutally simple. You think you’re on a real airport network. You’re not. Every keystroke you make belongs to someone else.
Airport No. 2: John Wayne Airport, Orange County – California’s Hidden Hotspot
It might surprise you that a mid-sized California airport lands this high on the danger list, but the numbers tell a stark story. John Wayne Airport in Orange County, California, received a threat index score of 8.7, making it the second most dangerous airport for Wi-Fi in the entire country. Coronet’s study found that John Wayne Airport had roughly a one in four chance of connecting to a medium-risk Wi-Fi network, and a seven percent chance of connecting to a high-risk network.
Honestly, those odds are terrifying when you stop to visualize them. Imagine rolling a die and knowing that roughly one in fourteen rolls lands you in a situation where a hacker has direct access to your device. According to Coronet’s report, business travelers are at heightened risk of unintentionally facilitating unauthorized device access, data theft, and malware or ransomware spreading across their endpoints. Business travelers carrying confidential contracts and client files should be especially alarmed.
Airport No. 3: Houston William P. Hobby Airport – A Named, Targeted Attack
Houston’s William P. Hobby Airport received a threat index score of 7.5, landing it firmly in third place among the nation’s most Wi-Fi-dangerous airports. What makes this case particularly chilling is the specificity of the attack that put it there. Hackers at Houston Hobby were found using a Wi-Fi hotspot network named “SouthwestWiFi” to breach SSL and HTTPS traffic, which is one of the reasons the airport scored such a high risk rating.
SSL and HTTPS traffic is exactly what most people assume keeps them safe online. The fact that attackers were targeting and breaking through it at this airport should send a shiver down anyone’s spine. Coronet confirmed that an attacker on a Wi-Fi network named “SouthwestWiFi” performed a direct attack on SSL and HTTPS traffic at the airport. When even encrypted connections aren’t safe, you know you’re in dangerous territory.
Airport No. 4: Southwest Florida International Airport – A Sun-and-Sand Trap
Fort Myers might feel like the start of a relaxing vacation, but your data could end the trip as a nightmare. Southwest Florida International Airport in Fort Myers received a threat index score of 7.1, tying it for fourth place in the national risk rankings. At Southwest Florida International Airport, the chances of connecting to a medium-risk network hovered at around 19 percent.
Vacation-bound travelers are actually more vulnerable, not less. When you’re in a good mood, excited about a trip, and moving quickly through a terminal, your guard comes down. The combination of rushed tourists, ubiquitous free Wi-Fi, and relaxed security awareness creates the perfect storm for cybercrime. Leisure travelers are prime targets precisely because they’re distracted and trusting.
Airport No. 5: Newark Liberty International Airport – Gateway to Identity Theft
Newark Liberty is one of the busiest gateways in the entire northeastern United States, which is exactly what makes it so attractive to cybercriminals. Newark Liberty International Airport in New Jersey received a threat index score of 7.1, matching Southwest Florida for fourth-equal position on the danger list. Airports see thousands of different people each day, and since people are traveling from all over the world, you can never be sure of someone’s intentions when they connect to public Wi-Fi.
Newark feeds enormous foot traffic into the New York metro area, meaning hacker returns are high and the pool of potential victims is enormous. For hackers to be successful, they don’t have to dupe everyone. If they can persuade only a handful of people, which is statistically easy to do when thousands of hurried people are milling around an airport, they will succeed. Volume is the hacker’s greatest ally.
The “Evil Twin” Attack: The Threat That’s Getting Worse
An arrest in Australia in 2024 set off alarm bells in the United States that cybercriminals are finding new ways to profit from what are called “evil twin” attacks, which occur when a hacker sets up a fake Wi-Fi network in public settings where many users can be expected to connect. The Australian case made headlines, but security experts say it was anything but unique. An Australian man created rogue networks in multiple locations, including on domestic flights, allowing him to spy on victims and harvest their login details.
The miniaturization of digital twinning technology has made this kind of cyberattack more appealing to hackers, with the technology to pull it off now available for less than five hundred dollars. That’s less than a typical business-class airline ticket. One of the dangers of today’s twinning attacks is that the technology is much easier to disguise. An evil twin device can be tiny and tucked behind a display in a lounge, and still have a significant impact.
What Hackers Actually Steal – and It’s Not Just Passwords
People tend to think hackers want passwords. Sure, they do. But what they’re really after is far broader. The biggest threat on public Wi-Fi is the ability for hackers to position themselves between you and the connection point. Instead of your data going directly to its intended destination, it first passes through the hacker’s system, giving them access to everything: emails, passwords, credit card information, and even business credentials.
Attackers can obtain access credentials to Microsoft Office 365, G-Suite, Dropbox, and other popular cloud apps, deliver malware to the device and the cloud, and snoop on device communications. That means a single airport Wi-Fi connection could hand over your entire professional life. Hackers can spy on you and intercept data you send over a compromised network, meaning passwords or even your Social Security number could be used to steal your identity or break into your online accounts.
Why So Many Travelers Still Connect Anyway
Let’s be real. Even people who know the risks still connect. Why? With 5G still proving to be patchy and higher fees for roaming abroad, many have come to rely on public Wi-Fi services, and the vast majority of travelers depend on free airport Wi-Fi networks to stay connected for work, general communication, and entertainment. It’s become reflexive. Almost biological.
Only about one in five Americans are “very confident” they could identify a false Wi-Fi network. That means the vast majority of travelers are essentially guessing. Security experts warn that as the general population becomes more accustomed to free Wi-Fi everywhere, evil twinning attacks will become more common, especially because people rarely read terms and conditions or check URLs on free Wi-Fi. We’ve been conditioned to click “accept” as fast as possible. That conditioning is precisely the vulnerability.
How to Protect Yourself Without Going Offline
The good news is that you don’t have to sit at the gate, staring at a blank screen, powerless. There are concrete things you can do right now. A Virtual Private Network (VPN) encrypts your internet traffic before it leaves your device, meaning even if you’re on a hostile network, what attackers see is just encrypted gibberish heading to a VPN server somewhere else.
Disabling automatic Wi-Fi connection on your devices avoids connecting to untrusted networks unintentionally. That one tiny setting change can prevent your phone from silently joining a fake network the moment you walk into a terminal. Always verify the network name with an airport employee before connecting, and avoid logging into banking apps, work emails, or making online purchases on public Wi-Fi. And honestly, if you can use your phone’s mobile hotspot instead? Do it. Every time.
Conclusion: Free Wi-Fi Is Never Truly Free
The five airports on this list represent some of the highest documented cyber risks for travelers anywhere in the United States. San Diego, John Wayne, Houston Hobby, Southwest Florida, and Newark Liberty have all seen real, documented attacks on their Wi-Fi infrastructure, not theoretical ones. As cybersecurity firm Coronet put it, the lax cybersecurity posture at most airports has created an environment in which adversaries can utilize insecure public Wi-Fi as the attack vector to introduce a range of advanced network vulnerabilities.
Free Wi-Fi at an airport feels like a small gift. In reality, it can be the most expensive thing you pick up on your trip. The next time you’re sitting at a gate, watching that list of available networks appear on your screen, remember: one of those names might belong to someone who is very patiently waiting for you to tap “connect.”
What would you have done differently if you’d known this before your last flight? Tell us in the comments.
<p>The post The Wi-Fi Warning: Why You Should Never Log In at These 5 Major Airports first appeared on Travelbinger.</p>