Kaspersky GReAT experts analysed more than 84 000 free WiFi network signals across three major Mexican cities hosting the 2026 FIFA World Cup.
The analysis covered Mexico City, Guadalajara and Monterrey, and revealed that 17% of the networks had weak or no encryption, potentially exposing users to personal and banking data theft. Only 2,9% of the analysed networks were found to use the latest WPA3 security protocol.
The upcoming World Cup 2026, which kicks off on June 11, will partly be hosted in Mexico, and thousands of tourists are expected to attend the tournament. Kaspersky Global Research & Analysis Team (GReAT) researchers have mapped and performed a security audit of the open Wi-Fi networks that visitors might encounter in the host Mexican cities.
The researchers analysed 69,473 unique public Wi-Fi hotspots and 84,588 signal records across popular locations in the three Mexican host cities for the 2026 World Cup. The study found that every 6th open access point (17%) was unsafe, including 16,5% in Mexico City, 18,5% in Guadalajara, and 17,2% in Monterrey*. Such networks may expose users to risks including passive traffic interception, unauthorised monitoring, rogue access point attacks and credential harvesting techniques.
Almost half (45%) of the analysed networks and which were categorised as secure (using WPA2/WPA3), were found to expose WPS (WiFi Protected Setup) capabilities, including 53,7% in Mexico City, 50,9% in Guadalajara and 47,5% in Monterrey. Because WPS is an outdated and easily compromised protocol, networks that continue to expose it to nearby devices may be vulnerable to unauthorised access and WPS-based attacks.
As a result, users connected to these networks could face risks such as interception of network traffic, exposure of sensitive data, session hijacking and device compromise through malicious activity within the same network.
“One of the first things travellers do after turning off airplane mode is look for Internet access. Staying connected is now essential for navigation, transportation, payments, communication and social media. But convenience often comes at the expense of security. Our research found that while 83% of wireless networks in major Mexican cities appear secure, many still expose outdated convenience features despite using modern encryption standards. Travellers should remember that public Wi-Fi networks and the vulnerabilities behind them remain a prime target for cybercriminals, especially during periods of high tourist activity,” says Maria Isabel Manjarrez, security researcher at Kaspersky’s Global Research & Analysis Team.
When accessing open Wi‑Fi networks, data becomes susceptible to potential security threats. Security experts recommend using a Virtual Private Network (VPN).