Video More Video CNN's Gerri Willis shares five tips on protecting yourself in a wi-fi world. Play video

NEW YORK (CNN/Money) - With more than 20,000 hot spots just in the U.S., it's no wonder everyone has gone wi-fi. Maybe you check your e-mail at your local coffee shop or connect with work online from the frequent fliers' lounge.

Hot spots are everywhere and convenient, but not always safe. Hot spots now have "evil twins" that can steal passwords, personal information, and files from your computer out of thin air. One could be sitting next to you on an airplane or across the street from your favorite Internet café.

What do you need to know to protect yourself? Here are today's top five tips.

While it sounds like a strange idea, it is fairly easy to pirate a hot spot. Professionals can use radio and wireless Internet equipment to send a signal similar to a wireless Internet signal.

"Basically, an evil twin is someone who masquerades as a hot spot. They send out a stronger signal, so instead of connecting to the Internet via the hot spot, your computer connects to the evil twin. He can take all your information directly," says Richard Rushing, chief security officer at AirDefense, a wireless security software company.

The tricky thing about the evil twin is that everything can look normal, just as if you were connecting to a T-Mobile hot spot, for example. But you won't really be online, so you're likely to notice something fishy if you've been targeted. Maybe you don't connect to your homepage; you get a blank screen; or you can't send e-mail. In any case, shut your computer down immediately.

Beware of your surroundings. Rushing says hot spots in airport lounges are vulnerable since business travelers are using valuable machines there. A coffee house where 20 people are using laptops could also be a likely target. Hackers choose crowded places in order to remain anonymous.

The FBI says the best way to prevent an attack is to have the most up-to-date security installed. If you're a Microsoft Windows user, get your monthly updates at www.Microsoft.com/security. If you use a Mac, check out updates at www.Mac.com/support.

The FBI also recommends you install a personal firewall to help keep hackers out. Log on to download.McAfee.com or www.Symantec.com/downloads for free trials of their firewall systems.

While using a hot spot, be smart about it. AirDefense recommends you should really only surf the Web while in a hot spot. If you must use a password, enter it only into Web sites that let you use a secure login.

For example, while making a purchase on www.Amazon.com, you must click on a button that will take you to a secure server. Another option is to look for an SSL key in the bottom right corner of the Web page that looks like a little lock. Also be wary of using insecure applications like e-mail and instant messaging in hot spots.

If you do recognize some fishy activity while using your computer in a hot spot or are having problems connecting to a hot spot, assume an evil twin has hit your computer.

The best-case scenario is they just want the username and password to your hot spot. Worst-case scenario: they want all the information on your computer. After shutting off your computer, call your hot spot service provider immediately and ask them to change your password.

You will also want to report this incident to the FBI's Internet Fraud Complaint Center. You can file a complaint online at www.ic3.gov.

If you have ever done online banking or entered personal information into your computer such as your social security number, you could be a candidate for identity theft. You'll want to contact the credit bureaus to let them know you might be a victim. Check out their Web sites at www.Experian.com, www.TransUnion.com and www.Equifax.com.

T-Mobile now sends its customers an e-mail after each use of a hot spot informing them of their connection time. This e-mail can help you in two ways. If you get one and know that you weren't online, it's probably not a fluke. An evil twin might have stolen your T-Mobile hot spot login and is using it at their leisure. If you don't get one when you thought you were online with T-Mobile, that's a red flag that you were connected to an evil twin instead.

To safeguard your computer, always shut your wireless Internet off when not in use. Many computers keep it on at all times unless you disengage it. An evil twin attack can even happen when you're working on your computer at 35,000 feet.

You might also get some extra security that is designed just for protecting computers on the wireless Internet. AirDefense is offering a free download of its security software, AirDefense Personal, to help you monitor wireless risks.

The product will alert you when you do not have your usual access to the Internet. Download it by clicking here.

Gerri Willis is a personal finance editor for CNN Business News and the host for Open House. E-mail comments to 5tips@cnn.com.