The 2018 FIFA World Cup starts tonight, and football fans around the world will be joining in on the action. While most of us will be watching the game on our televisions or online, there are plenty of diehard fans that have gone all the way to Russia to cheer for their team. However, if recent reports are to be believed, these fans better be careful when connecting to the local Wi-Fi hotspots.

As reported by Russia-based cyber security company Kaspersky Lab in an official blog post, over 20% of Wi-Fi hotspots in World Cup host cities have cybersecurity issues. The company states that 7,176 of approximately 32,000 public Wi-Fi networks in these cities do not use traffic encryption. This makes them potentially unsafe for use by football fans visiting the cities, as those with the know-how can snoop on their online activity.

These findings are based on an analysis of public Wi-Fi spots in 11 FIFA World Cup 2018 host cities, including Saransk, Samara, Nizhny Novgorod, Kazan, Volgograd, Moscow, Ekaterinburg, Sochi, Rostov, Kaliningrad, and Saint Petersburg. As per the results, many of the wireless access points do not have encryption and authentication algorithms that are essential for Wi-Fi networks to remain secure. Hackers only need to be located near an access point to intercept network traffic and get confidential information from unwitting or unprepared users.

As for the actual figures, the cities with the highest percentage of unreliable WiFi networks are Saint Petersburg (37%), Kaliningrad (35%), and Rostov (32%).  On the other hand, relatively small towns such as Saransk and Samara have the safest networks with 10% and 17% WiFi spots open. Almost two-thirds of all public Wi-Fi networks in these locations use the Wi-Fi Protected Access (WPA/WPA2) protocol family for traffic encryption, a protocol which is considered to be one of the most secure for Wi-Fi use.

The lack of traffic encryption, coupled with large-scale events – like the FIFA World Cup – make wireless Wi-Fi networks a target for criminals who want easy access to user data. Despite about two-thirds of all access points in FIFA World Cup host cities using encryption based on the most secure Wi-Fi Protected Access (WPA/WPA2) protocol family, even these access points can’t be considered secure if the password is visible to everyone. FIFA World Cup 2018 has confirmed that the event itself is secure – but users should be aware that clearly, its host cities’ public Wi-Fi hotspots are often not,” said Denis Legezo, Senior Security Researcher at Kaspersky Lab.

Additionally, the company suggests that fans visiting Russia and planning to make use of these public WiFi networks should connect via a Virtual Private Network (VPN) whenever possible since it offers levels of encryption not present on the open WiFi. It is also recommended that you use these networks for simple browsing and not for payments or banking transactions, or even sensitive work sites that require your official password. Lastly, you should enable the “always use a secure connection” (HTTPS) option in your device settings to ensure you’re visiting websites over a secure medium.