What You Need To Know:

A 42-year-old man from Western Australia is facing serious charges for allegedly establishing fake free Wi-Fi networks, known as “evil twins,” to capture personal data from unsuspecting victims. The Australian Federal Police (AFP) has accused the man of creating these deceptive networks on a domestic flight, leading to the investigation and subsequent charges.

What Is An Evil Twin?

An “evil twin” is a type of Wi-Fi attack where a cybercriminal sets up a fake Wi-Fi access point that mimics a legitimate network. Here is what you need to know about this deceptive technique:

• Purpose: Evil twins are designed to trick users into connecting to the fake network, believing it is a legitimate one. Once connected, the attacker can capture personal data such as login credentials, emails, and banking information.
• Common Usage: These fake networks are often used in public places where free Wi-Fi is expected, such as airports, cafes, hotels, and even on flights. Attackers take advantage of the fact that people frequently connect to free public Wi-Fi without considering the risks.
• How It Works: When a user attempts to connect to the fake network, they are usually redirected to a fraudulent webpage that asks for login details or other personal information. The attacker can then use this information for malicious purposes.

Protecting Yourself Against “Evil Twin” Wi-Fi Networks:

• Avoid Personal Logins on Free Wi-Fi Networks: Legitimate free Wi-Fi networks do not require you to log in with personal details such as email or social media accounts.
• Use a Reputable Virtual Private Network (VPN): A VPN encrypts your internet connection, making it more difficult for attackers to intercept your data.
• Disable File Sharing: Turn off file sharing options on your device to prevent unauthorized access to your files.
• Avoid Sensitive Activities on Public Wi-Fi: Refrain from activities such as online banking or accessing sensitive information while connected to public Wi-Fi networks.
• Turn Off Wi-Fi When Not in Use: Disable your device’s Wi-Fi when you are not using it to prevent automatic connections to potentially harmful networks.
• Use Strong, Unique Passphrases/Passwords: Create strong and unique passphrases or complex passwords for all your online accounts to enhance security.
• Change Passwords Regularly: If you have connected to free Wi-Fi networks in public places and accessed any personal accounts, you should change your passwords immediately.
• Inspect the Address Bar: You should always ensure that you are visiting HTTPS websites, especially when on open networks. If you don’t see “https://,” you’re not in a secure web session and should avoid entering any personal data.
• Avoid “Unsecure” Hotspots: When searching for hotspots in public places, do not connect to any unsecure networks. Only connect to networks with a WPA2-encryption at a minimum.

Conclusion:

Evil twin attacks can happen anywhere free Wi-Fi is available, not just in airports. Cafes, hotels, libraries, shopping malls, and even public transport systems can be avenues for these attacks. Staying informed and cautious can help protect you from these and other cyber threats. For more information and updates on cybersecurity, stay tuned to our Security Awareness Bulletins.