Change your iPhone settings now.picture alliance via Getty ImagesAlarming media reports again this week warn that your iPhones default settings expose you and your data to hackers. Whether or not this threat affects you, its an easy setting to change and you should do that now. This is nothing new. NSA and law enforcement agencies have warned the same for years, but settings have not changed. The risk is not merely theoretical, NSA says. Malicious techniques are publicly known and in use.Were talking Wi-Fi and the little understood threat from public Wi-Fi networks. Despite what you might have read, there is little risk in connecting to reputable public Wi-Fi networks in hotels or airport lounges, even when traveling abroad.As long as your internet traffic is encrypted, and you dont log into new websites that pop up on your device when you connect, you will be okay. For additional security I recommend using a VPN a reputable paid one of course even though some agencies advise against personal VPNs, given the risk of data capture if you pick badly.But that doesnt mean your phone wont be attacked far from it.The much more serious risk is rogue public Wi-Fi networks set up to trick users into thinking theyre reputable when theyre not. A Wi-Fi name playing on the name of a hotel or restaurant could belong to an attacker, looking to plant themselves between your device and the real access point. NSA warns that by doing this, cyber actors [can]MORE FOR YOU employ malicious access points redirecting to malicious websites, injecting malicious proxies, and eavesdropping on network traffic. Kaspersky describes such attacks as the biggest threat to free Wi-Fi security, explaining that a hacker can position himself between you and the connection point. So instead of talking directly with the hotspot, youre sending your information to the hacker, who then relays it on. Clearly they can see the traffic before they do so if its not encrypted, and potentially they can push data to your device, or pop up phishing websites or fake login sites to trick you into giving away credentials. Anything more sophisticated than this would likely be a targeted attack. If you think thats a risk for you, modify your behavior. Use a VPN and stick to cellular instead of public WiFi.As regards these new iPhone warnings, the change you need to make is very simple. Tap on Settings > Wi-Fi, and there you will see two options. Ask to Join Networks and Auto-Join Hotspot. Set the first to Off or Ask, never to Notify. The hotspot auto-join setting should be set to Ask to Join or Never, and not to Automatic.This is nothing new. NSAs warning dates back to 2021 albeit its still live and relevant, and I first warned about this setting even before, back in 2020. But nothing seems to have changed in the interim and here we all are again.Theres another change you can make as well, for additional security. In the Wi-Fi settings menu, click Edit which youll see top-right. and navigate to Managed Networks. Then click the i next to each network and unclick autojoin, unless youre very sure of the network and that you want to connect in the background.Those are networks are mostly provided by your cellular carrier. But above Managed Networks is a list of all WiFi networks known to your iPhone, including where you used a password to connect. You can deselect autojoin the same way on some or all.Meanwhile, keep those two threats in mind. Ensure your web browsing is encrypted only use websites that display a padlock by the browsers URL. And dont enter credentials into popups or familiar websites that appear unexpectedly.