Red Hot Cyber, il blog italiano sulla sicurezza informatica
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Select language
Italian Spanish
Search
Crowdstrike 320×100
2nd Edition GlitchZone RHC 970x120 2
Myths and DNS Spoofing: If I Don’t Make Payments or Log In Online, Am I Really Safe?

Myths and DNS Spoofing: If I Don’t Make Payments or Log In Online, Am I Really Safe?

RedWave Team : 12 November 2025 14:43

It’s often thought that avoiding online dangers is as simple as not making payments or entering credentials while browsing. This approach, while seemingly prudent, is profoundly flawed for several reasons—especially when using open networks, such as public WiFi.

One: The data can still be intercepted

Even without performing any sensitive actions, such as logging into accounts or entering credit cards, our devices and connections are constantly transmitting data . On unprotected networks, such as open WiFi, this data can be intercepted extremely easily. Among the most exposed information are:

  • Session cookies :
    Small files used to maintain access to online services. This authentication information, if intercepted, could allow a hacker to access our accounts without a password.
  • Browsing data : Browsing history, preferences, and sites visited can be collected and used to plan future attacks or create detailed profiles about us.

Two: Safety does not depend on “traffic type”

As RHC, we believe it’s a serious mistake to rely on the supposed low value of your online activities:

“I didn’t do anything important”

Attackers exploit every opportunity to gain access to our information and devices. Once they gain access, they can remain hidden for extended periods, gathering valuable data and planning more targeted attacks.

The real risk is not just losing a password, but the theft of our digital identity .
This can translate to:

  • Unauthorized access to social media, email, or work platforms.
  • Fraud in our name (opening accounts, signing contracts, even cyber or real-life crimes).
  • Spear phishing attacks against us or our personal and business contacts. They leverage the data collected to craft highly personalized and compelling messages.

We at RHC have always supported this.

As we’ve highlighted in several articles published on Red Hot Cyber, including these two from 2023:

Cybersecurity is not a single tool or a simple antivirus, but a set of technologies, processes and practices designed to protect networks, devices and data from cyber attacks, fraud and other digital threats.

ICT Risk Management helps to strengthen this protection.

A little prevention is called… risk management

In real life, we make choices every day to reduce risks: we lock our doors, wear seatbelts in our cars, avoid dangerous areas.

Online should work the same way. And this is where a fundamental concept comes into play, even for those who aren’t “in the know”:
digital risk management , or as it is called in jargon: ICT Risk Management .

Translated into simple words, it means:

  • Be aware of the dangers when online.
  • Understanding what might happen if something goes wrong.
  • Take small precautions to avoid it (such as avoiding open and unprotected networks).
  • Check in every now and then to make sure everything is in order by updating apps, changing passwords, or checking for new scams.

We don’t have to be experts. Often, all it takes is a little common sense, curiosity, and a desire to protect ourselves.

Evidence through DNS Spoofing

In this video created by Matteo Brandi , we want to provide concrete evidence of how easy it is to fall into a digital trap when surfing without protection.

https://www.youtube.com/watch?v=cgwOgS9tj6o

Through a simple and direct demonstration, the video shows:

  • What is DNS Spoofing and How Does It Really Work?
  • How an attacker can intercept your browsing and redirect you to a fake site , even if you think you’re safe.
  • Because even a simple connection to a public WiFi network can become an entry point for cybercriminals .

⚠️ This video is for educational and cybersecurity awareness purposes. DO NOT use this information for malicious purposes!

Video author: Matteo Brandi: A cybersecurity expert with a focus on defensive cybersecurity, he has earned the TCM PNPT and CompTIA Security+ certifications. His business helps SMEs secure their systems. A member of RHC’s HackerHood Team, he’s an ethical hacker by passion and a digital defender by mission.

Conclusion

Digital risk isn’t limited to the theft of banking data and must always be assessed in its entirety. Even activities that seem “harmless” can expose us to serious dangers if performed on unsecured networks.

The way we surf, the networks we use, the apps we open: everything matters.

Protecting your online identity today is as important as protecting your home.
And the first step is a secure connection , which is essential to protect your digital presence at all times.

In this series of articles, we aim to raise awareness of the real dangers of WiFi networks. In the next few articles, we’ll address other myths that often, instead of protecting us, expose us to unforeseen dangers.

Being aware, informed, and vigilant is the first and most important step towards real digital security.

Immagine del sitoRedWave Team
RedWave Team is a group of experts in cybersecurity and WiFi networks, with both offensive and defensive skills. Offre una visione completa e multidisciplinare del panorama della sicurezza informatica. Coordinato da Roland Kapidani, Il gruppo è composto da Cristiano Giannini, Francesco Demarcus, Manuel Roccon, Marco Mazzola, Matteo Brandi, Mattia Morini, Vincenzo Miccoli, Pietro Melillo.

Lista degli articoli