Ars Technica Details the Danger of WiFi Hotspots
“Free” Wi-Fi from Xfinity and AT&T also frees you to be hacked http://feeds.arstechnica.com/~r/arstechnica/index/~3/s-x4Wk3bVTo/
This is a great article from Ars Technica discussing the dangers of using WiFi hotspots, even those from trusted providers. Thousands of hotspots are turning up around Delaware advertising xfinitywifi (including one in my own building), a free WiFi network for customers of Comcast’s Xfinity service. The problem with these WiFi hotspots is that your wireless device has no way to determine if the hotspots are authentic. This matters because before you are able to use these hotspots, you must first authenticate using your xfinity login and password.
This is dangerous because there is nothing to prevent a malicious hacker from creating a Hotspot named xfinitywifi and then setting up a fake authentication page to intercept your account login. The worst part is that once you instruct your device to trust a connection with a WiFi router with that SSID identification (xfinitywifi) it will try to reconnect whenever it sees a Hotspot with that name.
For this reason, I have stopped using this free service of my cellular provider and Internet service provider. If you are an xfinity user and absolutely need to use the network of free WiFi routers, I would suggest that you setup an additional ID with Comcast just to use for WiFi access. When you add this additional ID, you have the option to provide it with no administrative access to your account, so even if it is hacked, no damage can be done to your account or personal information. Just make sure you use a different password for your dummy account.