If you are not familiar with Wifi Pineapple attacks, you should turn off Wifi on your phone. Basically your phone is constantly beaconing out every wifi you have ever successfully connected to, trying to see if it is available to re-connect. That is why you don't have to do anything when you get home to join, or when you get to Starbucks to join.
For $99, anyone can buy a Wifi Pinneaple (
WiFi Pineapple - Home) device and power it from a USB battery pack. This device has 3 wifi networks. One that the hacker joins to a legit public connection like a nearby Panera Bread. The other one is in listening mode for any device beaconing any SSID. It then offers that SSID up on the 3rd connection and becomes a router between you and the live internet connection. Your device already trusts the connection because it has connected before and you are getting Internet access just like you expect. However, the Pineapple is a "man in the middle" is logging everything you do to an internal memory card. It can even strip out HTTPS and other SSL traffic to capture your passwords and other information. To make it worse, 50% of mobile users will also see a message "You must click this box to accept terms of service" and blindly accept a certificate offered to them. This will install a profile on your device that allows the hacker to fully take over your phone, get your contacts, email, etc. even after you disconnect from the wifi.
Want to see how many of these are near where you live/shop? Go to
Do you feel safe? and put in a location. I put in my nearest supercharger and see 3 devices trying to spoof the SSID of "attwifi" and "hhonors".