The number of cybercriminals is increasing. Today, we have all sorts of news going on about cyberattacks on businesses and individuals, all having different motives, from political activism, to monetary gain, to downright sociopathic tendencies. All the news point to one thing: we need to protect ourselves.
What is an Evil Twin?
An Evil Twin is an access point (such as a Wi-Fi router or a hotspot) used by an attacker, that imitates a legitimate one. By posing as the other router, the attacker can connect to the victim machine. Since most devices today connect automatically, this is as easy as simply changing the attacker’s router settings, such as the MAC address, SSID (otherwise known as the hotspot name), and signal frequency channel. Attackers might even step up the ladder by increasing the signal power of their attacking access point, thus increasing the likelihood of the victim machine to connect.
How does this affect me?
Wi-Fi is everywhere. We use it in restaurants, offices, homes, and even in industrial installations. This makes the Evil Twin’s targets very abundant in today’s society. An attacker can go to Starbucks, pose as the free Wi-Fi there, and they can harvest all the passwords, logs, and even emails from all of the coffee shop’s victim machines to their heart’s desire.
How do I protect myself?
Evil Twins, since they pose as exact copies of the legitimate hotspot, will end up being unfiltered by your device, so the fastest answer is to simply stop your device from “remembering” old connections and thus connecting automatically. If you do ever happen to need to connect manually, always check if the hotspot has a password, that way you do know that the hotspot indeed is owned by a legitimate user who also wants to protect their data. On the hardware side, some routers and Wi-Fi card brands have active protections against conflicts in MAC addresses (which are possible signs of fake access points), examples being Huawei routers and Broadcom chipsets.
Remember, it’s best to be vigilant!