Password Protection / Encryption - Businesses are helpful in providing a network that everyone can easily access. However, if this connection isn't secured through a password, or some level of encryption, it basically allows anyone to access at any time. Most people will use it to complete general tasks, but there is always that 1% that has bad intentions. Using it to read other people's data (MitM attacks), deposit malware or record data for further scams.
Man In The Middle - Or MitM attacks, are when someone uses a relay point between your connection and device to read your data. Your private work is no longer for your eyes only.
Hackers can use vulnerabilities in an infrastructure to deposit malware. Once on your device, it may have several different tasks to complete. The tasks they complete all lead to some kind of personal data being stolen and used maliciously. Fake Hotspots - (Or rogue access points) Trick you into thinking they are a legitimate connection. They potentially have a similar name, such as 'Peter's Cafe' could be 'peterscafe'. But unfortunately, you have connected to a hacker's hotspot and they can now view everything you look up. If they have set this up, it is likely they also have a software that can view the webpages you are looking at, and anything you may have entered into the web page, including your login details (If not encrypted).