Beware of “Evil Twin” Wi-Fi Connections
Free Wi-Fi is widely available in many areas and businesses. Many people connect to these free networks while traveling or away from home. One particular scam called the “evil twin” attack involves a cybercriminal using a device to set up a fake Wi-Fi access point where you typically use free, public internet. Cybercriminals name their fake access points very similarly to the names of legitimate Wi-Fi sources to attempt to trick you into connecting to their network.
Evil Twin Cafe
Let’s say you go to a coffee shop. You see multiple public Wi-Fi names, such as “Coffee Shop Free” or “Coffee Shop Free Wi-Fi.” Sometimes, the fake Wi-Fi names will be the same as the real Wi-Fi names. If you connect to the fake Wi-Fi source, the cybercriminal can steal your personal information. Any activity you do on this fake Wi-Fi connection can be monitored by the scammer. Your bank account information and other personal data may be easily stolen if you access them during your browsing session with the evil twin network.
Post-Attack
Many times, you and other users will not even be aware you are connected to a fake Wi-Fi network. You would only know something was amiss after the cybercriminals used any personal information you entered during your session with the fake network. This could be something like unauthorized bank transactions. You may also get notifications from your inbox or phone saying that your personal accounts have had some suspicious logins. It’s very important to be cautious when connecting to public networks.
How to Protect Yourself
Here are some precautions you can take if you would like to connect to a public Wi-Fi network but don’t want phony networks stealing your information:
Avoid unsecured Wi-Fi hotspots. If you need to connect to a public network, avoid ones labeled “Unsecure.” Evil twin networks usually do not have the security features to be labeled as “Secure.”
Follow your organization’s security policies regarding VPN usage. Using a VPN provides an added layer of security and privacy when connecting to the internet.
Avoid logging in to financial or personal accounts on public Wi-Fi. Cybercriminals can only access your browsing data when you’re connected to their fake network. Keeping your personal information on your home networks would be more secure than potentially exposing it to a fake public network.