Evil Twin Wi-Fi

You’re out and about for any number of reasons.  Traveling for work.  Killing time while waiting for co-workers or family members.  But you have some time and you have work that needs to get done.

You pull out your phone or laptop, and all of the available wi-fi connections come up.  Perhaps you’re in a well-known, or chain coffee shop, and the available wi-fi immediately pops up for you to connect.  A quick glance and you click on the link to confirm the connection and get to work.

If you aren’t careful, you may have just become a victim of what is known as an Evil Twin Attack.  This is a type of Wi-Fi attack that works by copying the trusted, well-known name of a wireless network, so that the dangerous copy is indistinguishable from the real one.

How Does It Work?

To the average user, the networks look the same.  But what has happened behind the scenes is that the original network was taken down by hackers and duplicated in name only, and all users reconnect when prompted with a refresh.  What happens next?  You guessed it.  Users are now willingly putting in all of their login information.  Most users are not savvy enough to know what a real firmware update looks like, and they have no idea that an attack on their credentials is actually in progress.

How Can You Stop It?

Social engineering is one way that hackers can force users to provide a password, by kicking them off of the authentic network.  They can also tap into a type of phishing scam that creates a pop-up screen like the ones we’ve all seen before and scrolled to the bottom of before accepting the terms.  And finally, they can play into our irritation at having to keep clicking on screens when kicked out, so that our short temper gets the best of us and we simply overlook any obvious signs of scamming.

The evil twin scam can happen anywhere, even in a closed-off and trusted environment like a home or dorm.  Be diligent and avoid auto-connecting to known networks. Watch for strong connections but frequent disconnects. While not foolproof, an SSL or trigger certificate warning should be present and not look “odd”.
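The two warning signs above (a network duplicated in name only, and a strong connection that keeps dropping) can be checked mechanically. The following is an added example, not part of the original article: the scan results, connection log and list of known access point addresses are constructed, and the thresholds are assumptions.

```python
from collections import defaultdict

# Constructed scan results: (SSID, BSSID, security, signal %).
SCAN = [
    ("CoffeeShop_WiFi", "AA:BB:CC:00:00:01", "WPA2", 62),
    ("CoffeeShop_WiFi", "DE:AD:BE:00:00:99", "OPEN", 91),
    ("HomeNet", "AA:BB:CC:00:00:10", "WPA2", 70),
]
# Assumption: access point addresses recorded while on the network you trust.
KNOWN = {"CoffeeShop_WiFi": {"AA:BB:CC:00:00:01"}}
# Constructed connection log: (seconds, SSID, event, signal %).
EVENTS = [
    (0, "CoffeeShop_WiFi", "connect", 88),
    (40, "CoffeeShop_WiFi", "disconnect", 90),
    (55, "CoffeeShop_WiFi", "connect", 91),
    (95, "CoffeeShop_WiFi", "disconnect", 88),
    (110, "CoffeeShop_WiFi", "connect", 92),
    (150, "CoffeeShop_WiFi", "disconnect", 92),
    (500, "HomeNet", "disconnect", 30),
]

def duplicate_name_findings(scan, known):
    """Flag names whose access points disagree on security or are not in `known`."""
    by_ssid = defaultdict(list)
    for ssid, bssid, security, _signal in scan:
        by_ssid[ssid].append((bssid, security))
    findings = []
    for ssid, aps in by_ssid.items():
        modes = sorted({sec for _, sec in aps})
        if len(modes) > 1:
            findings.append((ssid, "mixed-security", modes))
        unknown = sorted(b for b, _ in aps if ssid in known and b not in known[ssid])
        if unknown:
            findings.append((ssid, "unknown-bssid", unknown))
    return findings

def strong_but_dropping(events, window=300, min_drops=3, strong=75):
    """Names with min_drops disconnects at strong signal inside `window` seconds."""
    drops = defaultdict(list)
    for t, ssid, event, signal in events:
        if event == "disconnect" and signal >= strong:
            drops[ssid].append(t)
    flagged = []
    for ssid, times in drops.items():
        times.sort()
        if any(b - a <= window for a, b in zip(times, times[min_drops - 1:])):
            flagged.append(ssid)
    return flagged

if __name__ == "__main__":
    print(duplicate_name_findings(SCAN, KNOWN))
    print(strong_but_dropping(EVENTS))
```

A legitimate network with several access points also shows more than one address under the same name, so a finding is a prompt to verify before connecting rather than proof of an attack.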

If you’re able to avoid public Wi-Fi, that is the best way to avoid being hacked in this way, but if you must use it, do so in the safest way possible for the situation that you find yourself in and use a VPN.