Security experts equipped with a laptop and a wireless network card were able to intercept the communications of hundreds of businesses in a survey of 10 European cities.
Many of the companies monitored had not changed the default password settings of their wireless networks, making them easy to hack.
Richard Hollis, director at security consultancy Orthus, which conducted the research, described the findings as "really scary".
"I think it is ignorance," he said. "I don't think they understand that manufacturers' default settings are available over the Internet, and that the default password ought to be changed."
The survey also found that a large proportion of wireless network traffic was not encrypted. In addition, a high proportion of networks had Dynamic Host Configuration Protocol enabled, which automatically issues users with IP addresses, making them vulnerable to hackers.
Even if WEP (Wired Equivalent Privacy) is used to encrypt data, security is not guaranteed. Software available on the Internet can be used to decrypt traffic within a few minutes, said Hollis.
"My advice is to take the networks off their default settings and integrate them into the overall network infrastructure," he said.