(Coming Soon to an Airport or Coffee Shop Near You!)
In this age of wireless connectivity have you ever thought twice before connecting to a free public wireless hotspot? Did you ever stop to wonder if the public Wi-Fi hotspot you just connected to
is a legitimate one, or if it might be an ‘Evil Twin’ hotspot in disguise?
An ‘Evil Twin’ hotspot is a Wi-Fi access point set up by a hacker or cybercriminal. It is meant to mimic a legitimate wireless hotspot provided by a nearby business, such as a coffee shop, that provides free Wi-Fi access to its patrons. An Evil Twin hotspot mimics a legitimate hotspot in just about every way including the
SSID (the wireless network name you see), but the Evil Twin’s intentions are sinister!
Hackers do not have to setup hardware-based access points to create an Evil Twin hotspot. Hackers can set up a mock hotspot with software that emulates the Wi-Fi network adapter in their laptops or tablets. Having this level of portability and concealment allows the hacker to position themselves closer to potential victims allowing the hacker to overpower the legitimate hotspot signal within a coffee shop, airport, or other public area.
Cybercriminals create these Evil Twin hotspots to allow eavesdropping on your network traffic and insert themselves into
the links between you and the Internet servers that you are accessing. This allows the cybercriminal to steal account logins, passwords, financial information and redirect you to malware sites, phishing sites. This whole experience is transparent to the victim. The hacker secretly eavesdrops on the user’s Internet activity so that they can steal information as the victims attempt to login to their e-mail, shop online, and access social media accounts.
How can I Tell if I’m Connecting to an Evil Twin vs. a Legitimate Hotspot?
You likely won’t be able to tell whether your connecting to a good hotspot or a bad one. Hackers will make every effort
to conceal their activity and use the same identification as the legitimate access point. They often go a step further and clone the MAC address of the true access point so that they will be seen as a Base Station Clone which further strengthens the illusion.
The Evil Twin hotspot owner also attempts to boost his or her hotspot’s signal strength so that it overpowers the legitimate one.
What can I do to Protect Myself From Evil Twin Hotspots?
Unfortunately, there aren’t a lot of ways to defend against this type of attack.
1. DISABLE WIRELESS
If you are on a mobile phone or device with cell phone network access, disable wireless and access the Internet over
the cell network. It’s safer to use the mobile phone’s network, which encrypts data as it is transmitted.
2. BE EXTREMELY CAUTIOUS
Do not bank, shop, check email, or do other business that exposes any of your usernames or passwords over “borrowed”
or public Wi-Fi (like a hotspot).
3. USE A VPN
Using the encrypted tunnel provided by the VPN encryption process which helps to secure all traffic between your
VPN-capable device and the VPN server. Even if you are connected to an Evil Twin wireless hotspot and you are using a VPN encryption process, hackers will not be able to see your traffic. Even if you believe that the Wi-Fi you’re using is safe, it’s still a good idea to use a VPN.
4. USE HTTPS/SSL ONLY
You can help reduce the eavesdropping risk associated with Evil Twin hotspots by not performing critical tasks such as online banking, accessing confidential corporate services and if you absolutely have to,only log into your e-mail and other sites via HTTPS secured pages.