Given that virtually all of our contemporary lives now revolve around our ability to access and transact business on the internet, should we be wary of an evil twin attack when using public Wi-Fi hotspots?
By: Ringo Bones
Almost all aspect of our contemporary life is now defined by our ability and ease of accessing and conducting commerce and paying our bills via the internet. Sadly, cyber-criminals are now capitalizing on this and had since gave birth to the concept of the “evil twin attack” on people hooking up their smart-phones and other mobile computing device on an unsecure public Wi-Fi connection. Some cyber-criminals use “authentic looking sites” to entrap unwary users that got bamboozled into giving / surrendering their private financial information like credit card numbers, ATM PIN numbers, etc. for the financial gain of the cyber-criminal at the expense of the unwary user. But how can we all protect ourselves from an “evil twin attack”, especially those who conduct their businesses in public Wi-Fi connections whose security status they are quite unsure of?
Due to the recent advances in mobile personal computer technology, cyber-criminals and malicious hackers no longer need a van full of electronics to build their own “evil twin” of a legitimate website in order to steal private financial information - cyber criminals can now use a sufficiently powerful laptop and the required software. Public Wi-Fi hotspots are easy targets for “evil twin” attacks since public Wi-Fi hotspots like those in posh Parisian style coffee shops have their passwords on display to their paying customers and thus are extremely vulnerable to cyber-criminals launching an “evil twin” attack to phishing private financial information. Public Wi-Fi hotspots are also ideal for cyber-criminals to employ older illicit key-logging software to steal password information.
Evil twin Wi-Fi scams have been around for awhile ever since Wi-Fi hotspots had been around, but since the advent of advanced smart-phones, such attacks had since become more brazen. One should wait until they come home or arrive in a place whose Wi-Fi hotspot have security features specifically optimized to foil evil twin attacks whenever they access their vital online banking account information or using their credit cards in purchasing big ticket items. In an unsecure public Wi-Fi hotspot set-up, the cyber-criminal hacker could be sitting right beside you as he or she steals your vital access codes without even you knowing it. One proven deterrent to an evil twin attack while using a public Wi-Fi hotspot is to set their inbox to the more secure “https” mode. Dynamic single-use password Wi-Fi networks like those provided in most hotels are inherently more secure but many are lured to a public Wi-Fi hotspot because they are much more convenient to use.