UK Public Wi‑Fi Safety in 2025: Airports, Trains, Cafés

Public Wi-Fi has become a part of daily life for travellers, commuters, and students across the UK. From rail stations and airports to every manner of café. Public Wi-Fi in 2025 promises mobile data speeds at little to no cost. However, it also comes with the risks of cybercrime.

Rogue hotspots, often referred to as “evil twins,” can appear identical to trusted networks. Captive portals may inject adverts or redirect traffic. Session hijacking and DNS snooping can steal logins. Malicious QR codes and device tracking add even more layers. Threats like these make it critical to stay alert when you’re connecting to public Wi-Fi.

What’s New in Wi-Fi Security?

There have been some advancements, but not all of them make things more secure. WPA3 and Wi-Fi 6/6E upgrades are much more common across the UK now. This shift makes connections faster and more resilient, particularly in high‑density venues like airports and train stations. Passkeys are also much more common. They cut down on the need for passwords. Browsers are also using DNS-over-HTTPS by default much more often, offering some protection against traffic interception.

That said, there are still plenty of limits. Private Relay from Apple hides browsing activity, but isn’t a VPN. It also doesn’t work with all apps and services. Public networks are still target-rich environments for cybercriminals, and attackers adapt quickly. A good VPN is absolutely essential for real protection.

Airport Wi-Fi: Heathrow, Gatwick, Manchester

Airports remain some of the busiest and riskiest places to connect. Heathrow, Gatwick, and Manchester offer free Wi-Fi, but only with captive portals. Captive portals require you to navigate through login screens that can be imitated or forged.

Rogue hotspots named “Free Heathrow Wi-Fi” or “Gatwick Guest 5G” can look convincing. But once travellers connect, they expose their traffic and login details. Shared networks also make it much easier for criminals to scan connected devices.

Safer practices include checking the official SSID before joining, keeping auto-reconnect disabled for public networks, and using a VPN to encrypt all traffic. Mobile data is always the safer choice for sensitive tasks like online banking.

Rail Wi-Fi: Underground, National Rail, LNER/Avanti/GWR

Rail travel across the UK often includes patchy or unsecured Wi-Fi. On the Underground, free connections are widely used but vulnerable to imitation. Attackers create an evil twin network with a stronger signal, and people flock to it. TfL riders and customers are often the target of cybercriminals, with over 5,000 being targeted recently.

National Rail services, along with providers such as LNER, Avanti, and GWR, offer onboard Wi-Fi that is convenient but not always encrypted. Repeated logins can also expose passengers to device tracking, as systems remember connections.

To lower the chances of something happening, avoid logging into anything sensitive on train Wi-Fi. If you must, be sure to use a VPN to encrypt your data. Most VPNs will even have an option to auto-connect, which means you can set it once, and it will protect you every time you’re on open Wi-Fi.

Wi-Fi Safety in Cafés, Libraries, and Other Shared Spaces

Cafés, libraries, and similar shared spaces are always popular spots to connect. Students, commuters, and more all use these networks. They’re often only minimally secured and lack any encryption between the router and the users. That makes them prime targets for malicious QR codes on tables or posters. Riders scan these and are dropped into unsafe networks or fake websites.

Open access also makes it simpler to eavesdrop on unsecured traffic. Criminals can read your conversations, grab your usernames, crack your passwords and passphrases, and see everything you do unless you encrypt your traffic.

How to Choose the Best VPN for Public Wi-Fi

Knowing how to choose the best VPN for public Wi-Fi is critical. The best VPN will have leading encryption, DNS leak protection, kill switch functionality, and more. Look for wide server coverage, not only in the UK, but abroad. Make sure they have an app or client for all of your devices.

For UK travellers and commuters, a VPN is essential—perhaps not life-changing, but crucial. VPNs keep browsing and data in transit safe and private. Data breaches remain a persistent threat. Making VPN use a part of your daily habits will make your interactions with public Wi-Fi safer.

Staying Secure on the Go

Public Wi-Fi is convenient, but it remains a risk, even today. Rogue hotspots, tracking, and weak networks continue to expose users to risk, whether at the airport, on trains, or in your favourite cafe. The new standards show progress and offer protection, but WPA3, Wi-Fi 6, and passkeys can’t address all threats. Adopt safe practices and know how to choose the best VPN to stay safe. Strong habits and secure connections keep mobility and safety aligned.