Harvesting wireless power to energize miniature devices has been envisioned as a promising solution to sustain future-generation energy-sensitive networks, e.g., Internet-of-Things systems. However, due to the limited computing and communication capabilities, wirelessly powered networks (WPNs) may be incapable of employing complex security practices, e.g., encryption, which may incur considerable computation and communication overheads. This challenge makes securing energy harvesting communications an arduous task and, thus, limits the use of WPNs in many high-security applications. In this context, security at the physical layer (PHY) that exploits the intrinsic properties of the wireless medium to achieve secure communication has emerged as an alternative paradigm. This article first introduces the fundamental principles of primary PHY attacks, covering jamming, eavesdropping, and detection of covert, and then presents an overview of the prevalent countermeasures to secure both active and passive communications in WPNs. Furthermore, a number of open research issues are identified to inspire possible future research.