When you’re killing time in an airport or a coffee shop, free public WiFi is a great way to stay busy on iInternet without having to use up your data plan. However, as convenient as it is, public WiFi can be dangerous at times due to bad actors. This is particularly true in what is known as the evil twins scam. Although it is not a new type of cyberattack, it has made headlines again as officials hope to warn people about its dangers. Continue reading to learn more about the evil twins scam, what to watch out for, and how to avoid becoming a victim.

What is the evil twin WiFi scam?

Although the name may seem silly, the scam itself is not. This type of scam takes advantage of locations with public WiFi and preys on unsuspecting customers, travelers, or guests of a property.

In an evil twin scam, the attacker sets up a fake WiFi hotspot in the hopes that anyone who wants to use the Internet will connect to it instead of the legitimate one. According KaperskyThe attacker can collect any data that the user shares with the network.

How the evil twins scam works

Once the bad actor decides to start this scam, they find a location with free WiFi that is frequently used. Airports, libraries, airplanes, and coffee shops are places that can be prone to these attacks. In fact, an Australian man was arrested in july for stealing data from unsuspecting travelers at an airport.

Once the hacker has chosen his location, he discovers the official name of the network (the service set identifier or SSID) and sets up a new account using the same code/unique name. To an external device, these networks are indistinguishable.

To encourage potential victims to connect to the “evil twin” WiFi network, hackers may even go so far as to approach people on site to create a stronger connection than the legitimate network, Kapersky reports.

The key to this scam comes in the form of a fake login page, without which the hacker cannot access your device. Many public WiFi accounts require you to fill out information on a generic login page before you can use the Internet. The hacker will also follow this format. They will create an identical fake login page, forcing people to enter their personal information to connect to the WiFi.

Why is the evil twin WiFi scam bad?

Evil twin scams are particularly dangerous because the network may appear legitimate thanks to its name. and You will have a strong connection. This can also be true if the hacker discovers that a location does not have free WiFi, but hopes that the property’s guests will assume that it does. “If an attacker managed to set up an unauthorized access point nearby, with the company name and ‘Free Wifi’ or ‘Guest,’ users can unknowingly connect thinking it belongs to the known company,” writes one Reddit user in this thread.

Even more worrying? You may suspect an evil twin attack, but your device won’t know. If you have auto-connect enabled, your phone, laptop, or tablet can take you directly to that fake network. “Devices with automatic connection often do so via the Wi-Fi SSID, which means they cannot differentiate between legitimate Wi-Fi networks and rogue twin networks,” the software company’s professionals write. varonis.

Whether you or your device is connected to the fake network, the authentic and convincing login page is where problems usually begin. Once hackers have your credentials, they can log into the network and take control of it.

“You think you’re going to a trusted site. They might ask you for a username and password. Let’s say, well, now you just gave your username and password. Maybe it’s another site where they need your card information of credit”. Anthony Mongeluzo, cybersecurity expert and president of cybersecurity company PCS, said Fox 13 News.

This is known as a “man-in-the-middle attack,” which means the hacker can monitor all of your online activity. They may be able to steal your banking information, address, account information, and more. If the hacker is very knowledgeable, they could infect your device with malware or ransomware that gives you continued access even after you have disconnected WiFi. (Find out more about another sophisticated cyber scam).

What to do if you have been affected by an evil twin WiFI scam

If you suspect that you have been a victim of an evil twin scam, immediately change the passwords on all your accounts. This will prevent the hacker from being able to use your information further. In the unfortunate event that you suffer a financial loss, contact your bank or credit card company immediately.

For particularly serious data breaches, it is worth contacting your local police department to report the crime.

How to Protect Yourself from Evil Twin Scams

The first step to take when you are in a public place and want to use the free WiFi? “Verify that the WiFi network is legitimate with the provider before connecting and check reviews of apps before downloading them to your phone,” Florida Attorney General Ashley Moody said in a statement. WFLA.

Sometimes the WiFi name in an evil twin scam will have a few misspelled words, making it easier to tell that it is fake. You may also notice that your device will warn you that a connection is not secure, even if it looks legitimate. In that case, it is better not to connect to it.

Other ways to stay safe:

• Use your phone’s hotspot instead of public WiFi. “This is because you will be connected to a trusted network when you are away from home, which reduces the risk of hackers accessing your data,” suggests Kapersky. “Set a password to keep your hotspot private.”

• Only browse websites that use HTTPS connections in the URL, which means it is secure. A lock symbol will also demonstrate that a website is protected.

• Disable automatic connection on your device. This will prevent you from automatically connecting to networks you have used before, including unknown evil twin networks.

• Avoid making financial transactions or logging into banking or credit card websites when using public WiFi.

• Consider using a VPN. These can prevent online hackers from monitoring your online activity even if you end up on an evil twin WiFi network.

Keep scrolling to learn more!

Beware of this new Gmail AI scam – here’s how to keep your account safe

The best ways to manage your money with less worries and more peace

There’s an email blackmail scam flooding inboxes everywhere – here’s how to protect yourself