Evil Twin Attack

Evil Twin Attacks: Causes, Effects and Preventive Measures

According to Cisco, the world will have 628 million public Wi-Fi hotspots by 2023, which also indicates huge demand for free Wi-Fi services and the increasing potential for evil twin attacks. And if you closely examine the patterns of public Wi-Fi growth in 2020, it happened because of the global lockdown when more people switched to remote contracts, freelancing, and ‘work from anywhere’ arrangements. While much of the public is unaware of the vulnerabilities of such services: captive portals and fake access points, the other half prioritizes its love for ‘free meal’. If you’re one from either of these groups, hang on till we unveil the mechanism of evil twin attack and suggest expert tips that will protect you on public Wi-Fi.

What is an Evil Twin Attack?

Evil twins are dummy Wi-Fi access points used to steal sensitive information. Innocent users who like to enjoy free Wi-Fi services attempt to connect to public Wi-Fi networks without verifying credentials. They eventually fall victim to attackers who are too interested in monetizing other users’ online activities. Users often feel tempted to browse through these networks because of strong connection signals. These fake points also grant access even when a user inputs the wrong security key. Evil Twin Attack is a growing cyber threat and executed for different illegal and unethical purposes:

  • A hacker may obtain the official company portal credentials of an employee using a fake access point for work. This hacker can gain unauthorized uninterrupted access to this particular employee’s salary details, his attendance patterns, his activities at the office, names of his team members, and most probably his bank account details where the employer credits his salary.
  • If a hacker gets into the work device of an employee, he can plant malware, access sensitive information about suppliers, clients, employees, can read emails, view attachments, and eventually may hold this data as hostage and demand ransom against returning access.
  • When a user accesses a banking website via an evil twin access point, the attacker can redirect to a fake login page. It exposes the user ID and password.
  • If the transmission is not encrypted, cyberstalkers can misuse your photographs, videos, upload them on open platforms, impersonate you,  create catfishing accounts, sell your data on the dark web and even harm you after meeting you in-person.

10 Cybersecurity Actions that Prevent Evil Twin Attacks

We live in a highly digital world. Even if we don’t long for free services, we seldom need to use them out of urgency. And if it is imperative to connect to a public Wi-Fi, do practice these 10 tips to protect yourself, your devices, and data from evil twin attacks:

1. Connect to Public Wi-Fi after Verification

Most organizations like public libraries, airports, hotels, and shopping malls usually provide their login credentials in black and white: you’ll either find them in your welcome brochure, on various notice boards, billboards, or display screens. So when you scan Wi-Fi networks in your location, make sure to connect only to the network that has an accurate identical SSID. Do not connect to open, unsecure networks with similar SSIDs for it might be a fake access point.

Users on a legitimate access point may be forced to connect to captive portals (that seem to be alternate networks) after receiving DoS attacks. Most users switch to other networks to prevent delay in browsing experience, hence expose all the data packets they exchange on the network. Though it may get challenging to identify a captive portal, digital experts suggest users avoid signing in to social media accounts after such an incident or completely disconnect all Wi-Fi networks.

2. Disable Auto-connect Feature

If you are connecting to a local coffee-shop wireless network, there are high chances you’ll receive connection signals at home if the Wi-Fi covers a wide range. Disable the ‘auto-connect’ option; it is a feature that automatically connects your device to a Wi-Fi network. If you steered clear the first time, you may get trapped the second time your device connects to an evil twin network.

3. Enable 2 Factor Authentication

2 Factor Authentication provides an additional layer of security to sensitive accounts. This means that even if an evil twin attacker gets access to your login credentials, it will be impossible for him to log in, especially if you have enabled biometric verification.

4. Surf via a Secure Browser

When connected to a public Wi-Fi, try browsing from Mozilla Firefox or Tor because these are more secure browsers that encourage DNS over HTTPS (DoH)  and encrypt DNS queries. If you are browsing through mobile devices, consider downloading Firefox Focus: it is a dedicated secure browsing app highly compatible with mobile devices.

5. Use a VPN

VPN – virtual private network – is a secure tunnel created over a conventional internet connection. This VPN scrambles overall internet traffic exchanged between 2 access points, and so no broadband carrier, intruder, or bounty hunter can eavesdrop on your online activity or sniff data packets in transit.

6. Avoid Accessing Payment Platforms

Do not login to banking and digital payment websites on a public Wi-Fi network, period.

Most cybercriminals love deriving money from illegal activities, and so they can plant spyware in your device through phishing techniques. And once they get into your device, they can execute a financial fraud by decrypting your password even after you have disconnected the Wi-Fi. Hackers can even practice session hijacking in which they steal session cookies to execute online activity on a website. Now such activities are often fraudulent activities causing financial damage to the legit user in one or the other way. This is why we suggest users avoid visiting shopping websites on public Wi-Fi: most of these e-commerce websites already have your card details and CVV numbers in the checkout sections. Even if a hacker can’t get hold of your banking user ID and password, he can conveniently make hefty purchases, unless you realize you’ve been hit, log out or remove your payment details.

7. Install an Antivirus

Efficient antivirus programs have Wi-Fi checkers that diagnose the security standards of wireless networks when a user attempts to connect. As it is, antivirus programs are paramount to device-level security. They work side by side with a VPN to ensure a user’s maximum privacy and security. Premium antivirus programs generate reports about potential data leaks, existing malware, spyware, viruses, and excessive consumption of battery or data. The best antivirus programs may not come cheap, but they don’t sell user data because doing so compromises user privacy. If you access public Wi-Fi on a mobile device, check reviews of the best antivirus programs for Android devices here.

8. Don’t Access Unsecure Websites

Only browse HTTPS websites, the ones with a lock before the URL. The websites use end-to-end encryption for preventing any third party from sniffing at the data. Also, avoid streaming, gaming, and torrenting on public Wi-Fi if you do not have a VPN by your side, for a seeder or leecher on the website may trick you and plant malware in your device.

9. Don’t Change Passwords or Install Apps

Cybersecurity enthusiasts discourage accessing email accounts and social media platforms on public Wi-Fi altogether. Though, it might not be so harmful to have fun if you feel you are connected to a legitimate network and have your security tools up and running. However, avoid changing passwords and installing third-party apps because these actions can open the direct entryway for attackers.

10. Don’t Utilize Public Wi-Fi Service during Work from Home

Not relying on public Wi-Fi for professional work can be your safest bet for preventing an evil twin attack and associated data losses. When you don’t get tricked, there are least chances of you getting hit by an evil twin and hence your security will remain intact. Keeping the weaknesses of public Wi-Fi in view, digital experts suggest users should not access their official company accounts and portals without a VPN. The same goes for freelancers and remote workers who excessively utilize Gmail accounts and communication platforms like Skype and Zoom. Unless the matter is urgent or you have an active VPN running in the background, do not execute formal communication on public Wi-Fi. Do not open your cloud storage portals or you may dish out your sensitive data to attackers and end up receiving a note for ransom.

Final Words

The existence of vulnerabilities do not even mean all Wi-Fi connections are insecure and shouldn’t be connected to. Even digital safety advocates can’t demolish the need for accessing public Wi-Fi connections in its entirety. Keeping the aforementioned consequences in view, cybersecurity professionals suggest users avoid temptation and not connect to networks that are particularly ‘open’, no matter whether they provide excellent connectivity. An open, fair and secure internet is your fundamental digital right. With the right tools by your side, no evil twin attack can hinder your experience.


Start Browsing Privately!

iProVPN encrypts your data for protection against hackers and surveillance. Unblock your favorite streaming platforms instantly with the best VPN for streaming.


You May Also Like


Leave a Reply

Your email address will not be published. Required fields are marked *