An increasing number of “evil twin” attacks, as cybersecurity experts term them, are targeting public Wi-Fi networks in places such as airports and coffee shops. However, the perpetrators behind these frequent attacks are rarely caught. To defend against such threats during travels, using VPNs and mobile hotspots on smartphones is considered the best defense.
According to a report by CNBC, travelers have long been warned against using public Wi-Fi networks at airports, hotels, and coffee shops. Airport Wi-Fi networks are particularly appealing to hackers due to their relatively lax security measures. In many airports, the responsibility for Wi-Fi lies with third-party vendors, with the airports themselves rarely involved in safeguarding the network.
Despite the awareness that free Wi-Fi should be avoided, it remains irresistibly attractive to both travelers and hackers. Hackers are now reviving an old cybercrime tactic by exploiting the appeal of free Wi-Fi networks.
This summer, an arrest incident in Australia sounded the alarm in the United States, revealing that cybercriminals are finding new ways to profit from “evil twin” attacks. This form of cybercrime, categorized as a type of “man-in-the-middle” attack, involves hackers setting up fake Wi-Fi networks in public places where many users can connect, luring unsuspecting individuals to log in.
In a recent case, an Australian man was accused of conducting Wi-Fi attacks on domestic flights and airports in Perth, Melbourne, and Adelaide. He reportedly set up a fake Wi-Fi network to steal email or social media login credentials.
“With people becoming increasingly reliant on ubiquitous free Wi-Fi, it’s foreseeable that malicious attacks will become more prevalent,” said Matt Radolec, Vice President of Data Security company Varonis. Radolec added that people often do not read terms and conditions or check URLs when using free Wi-Fi.
“When users encounter fake websites, they may not even know what legitimate websites should look like,” Radolec stated.
One of the dangers of such attacks is the ease with which the technology can be concealed. An “evil twin” device can be as small as to hide behind a display screen in a coffee shop, yet it can cause significant damage.
“These devices can replicate legitimate login pages and trick inattentive users into entering their usernames and passwords, which are then harvested for future use,” noted IT consultant Brian Alcorn from Cincinnati.
The website does not even need to truly log in users. “Once you input your information, the theft is done,” Alcorn remarked, emphasizing that a busy, tired traveler might only think there is an issue with the airport Wi-Fi without considering other possibilities.
Individuals using simple passwords, like their pet’s name or favorite sports team, are more vulnerable to “evil twin” attacks. Alcorn pointed out that for those who reuse username and password combinations online, once the login credentials are obtained, they can be fed into AI, enabling cybercriminals to swiftly gain access. All your online data, including bank account information, can be compromised.
“You can be easily exploited by individuals with devices costing less than $500 and skill levels lower than you imagine,” Alcorn said. “Attackers only need basic IT skills.”
“My favorite method to counter ‘evil twin’ attacks is using a mobile hotspot on a smartphone,” said Brian Callahan, Director of the Network Security Lab at Rensselaer Polytechnic Institute.
He explained that if setting up a hotspot is not an option, VPNs can also offer some protection as the traffic to and from the VPN should be encrypted. “Thus, even if someone can see the data, they won’t be able to decipher it.”