How to Practice Safe Computing Using Public Wi-Fi and Avoid “Evil Twins”

Frequent Business Traveler 10/23/2019

AAA World Article

In travel – as in real life – not everything is as it appears. The free Wi-Fi hotspot you just logged into in the hotel lobby to read your e-mail, conduct your banking, or read the news wasn’t necessarily a nice amenity provided by the hotel. In fact, it might have been operated by the well-dressed gentleman sitting beside the potted palm. While you caught up on social media and e-mail, he was collecting people’s credit cards numbers, user names, and passwords, all while enjoying the ambiance and a drink from the lobby bar. The gentleman in question was operating what is known as an “evil twin,” a fraudulent Wi-Fi access point that, to the outside world, appears to be legitimate, although it was set up to eavesdrop on the wireless communications of others. Wi-Fi turned 20 over the summer but little progress has been made in protecting users from Wi-Fi threats that can result in stolen sensitive information and plant malware on a device.

Evil twins can duplicate existing hotspot names or phish for gullible users by using a hotspot name such as Free Wi-Fi. Simply put, cybercriminals create evil twins to steal people’s identities. Last year, the U.S. Department of Justice charged Russian hackers with implementing evil twin attacks that were used to steal credentials and “plant espionage-oriented malware” that targeted a variety of organizations including nuclear power operations and chemical testing laboratories.

Laptops and smartphones cannot distinguish between two SSIDs of the same name and most Wi-Fi clients are set to auto join previously accessed Wi-Fi networks. If the gentleman next to the potted palm doesn’t trick the user into using the evil twin network, he can interrupt the connection and cause it to be reestablished with the evil twin network. From there, using login pages that look just like the originals on banks and social media, the attacker will obtain user names and passwords in plain text and pass those on to the actual website, so that the user is unaware of the attack, while the attacker has gained the user’s credentials. While hotels and cafes can use wireless intrusion prevention systems – a device that monitors radio spectrum for unauthorized access points – most do not and a user is unlikely to detect the problem. The best way to stay safe, however, is to either use a virtual private network, or VPN. VPNs encrypt your online session, making it impenetrable by nearby snoops. Another preventative measure is to set your smartphone, tablet, or laptop to ask before joining a network. This will prevent the device from automatically connecting to what could be an evil twin in a public setting. Finally, think of public hotspots as shared resources. If you aren’t using a VPN, restrict your surfing to Web sites and pages that you don’t mind sharing with the gentleman sitting nearby.


Other Articles

Southwest CEO 'Not Highly Confident' in Timely Max Return

Southwest has extended the removal of the Boeing 737 Max from its schedule through Feb. 8. The Max grounding cost Southwest about $435 million this year.

DOT proposes to loosen tarmac delay rule

Under the new proposal, if the carrier can show that passengers have the opportunity to deplane even while the door is closed, then the tarmac delay clock won't start.

JetBlue introduces a live chat in its mobile app

The feature, which has been available on Apple iPhones for the past few weeks, allows JetBlue passengers to communicate directly with the carrier's customer-support teams.