close
close
darbo

Tips for staying safe on public networks

Posted on by Nargang
Tips for staying safe on public networks

When you’re wasting time at an airport or coffee shop, free public WiFi is a great way to stay busy on the iInternet without having to use up your data plan. As convenient as it may be, however, public WiFi can be dangerous at times thanks to bad actors. This is especially true in what is known as the evil twin scam. Although not a new type of cyber attack, it has once again made headlines as officials hope to warn people about its dangers. Read on to learn more about the evil twin scam, what to look out for, and how to avoid becoming a victim.

What is the Twin WiFi Scam?

While the name may sound silly, the scam itself is not. This type of scam takes advantage of locations with public WiFi and exploits unsuspecting customers, travelers or guests in an establishment.

In a twin scam, the attacker creates a fake WiFi access point with the hope that anyone who wants to use the Internet will connect to it instead of the legitimate one. Conformable Kasperskythe attacker is then able to collect any data the user shares with the network.

How the evil twins scam works

Once the bad actor decides to start this scam, they find a location with free WiFi that is frequently used. Airports, libraries, airplanes and coffee shops are all places that can be prone to these attacks. Actually, an Australian man was arrested in July for stealing data from unsuspecting travelers at an airport.

After the hacker has chosen their location, they figure out the official name of the network (Service Set Identifier or SSID) and create a new account using the same unique code/name. To an external device, these networks are indistinguishable.

To encourage potential victims to connect to the “evil twin” WiFi network, hackers may even go so far as to approach people at the location to create a stronger connection than the legitimate network, Kapersky reports.

The key to this scam comes in the form of a fake login page, without which the hacker cannot gain access to your device. Many public WiFi accounts require you to fill out information on a generic login page before you can use the Internet. The hacker will also follow this format. They will create an identical fake login page, forcing people to enter their personal information to connect to WiFi.

Why is the twin WiFi scam bad?

A free WiFi signA free WiFi sign

bluesky85/Getty

Evil twin scams are particularly dangerous because the network may appear legitimate due to its name, and will have a strong bond. This can also be true if the hacker discovers that a location does not have free WiFi, but hopes that guests at the establishment will assume that it is offered. “If an attacker managed to set up a rogue hotspot nearby with the company’s name and ‘Free Wifi’ or ‘Guest’, users can unknowingly connect, thinking it belongs to the known company,” writes a Reddit user in this thread.

Even more worrying? You might suspect an evil twin attack, but your device won’t know any better. If you have auto-login enabled, your phone, laptop or tablet can take you directly to that fake network. “Auto-connect devices often do this via a Wi-Fi SSID, which means they can’t tell the difference between legitimate Wi-Fi networks and their evil twins,” the software company’s pros write. Varonis.

Whether you or your device are connected to a fake network, the convincingly genuine login page is where the trouble usually starts. Once hackers have your credentials, they can connect to the network and control it.

“You think you’re going to a trusted site. You may be asked for a username and password. Let’s say, well, now you just gave up your username and password. Maybe it’s another site where they need your credit card information.” Anthony Mongeluzo, cybersecurity expert and president of cybersecurity firm PCS, said Fox News 13.

This is known as a “man-in-the-middle attack”, which means that the hacker can monitor all of your online activity. It can steal your banking information, address, account information and more. If the hacker has special knowledge, they could infect your device with malware or ransomware that gives them continuous access even after you’ve disconnected from WiFi. (Learn more about another sophisticated cyber scam).

What to do if you’ve been hit by a twin WiFI scam

If you suspect that you have fallen victim to an evil twin scam, change the passwords for all of your accounts immediately. This will prevent the hacker from being able to use your information. In the unfortunate event that you suffer a financial loss, contact your bank or credit card company immediately.

For particularly serious data breaches, it’s worth contacting your local police department to report the crime.

How to protect yourself from evil twin scams

The first step when you are in a public place and want to use free WiFi? “Verify the WiFi network is legitimate with the provider before connecting, and check app reviews before downloading to your phone,” Florida Attorney General Ashley Moody said in a statement. WFLA.

Sometimes the WiFi name in a twin scam will have a few words misspelled, making it easier to tell it’s fake. You may also notice that your device will warn you that a connection is not secure, even if it looks legitimate. In this case, it is best not to connect to it.

Other ways to stay safe:

  • Use your phone’s hotspot instead of public WiFi. “This is because you’ll be connected to a trusted network when you’re out and about, which reduces the risk of hackers accessing your data,” suggests Kapersky. “Set a password to keep your hotspot private.”

  • Only browse websites that use HTTPS connections in the URL, which means it’s safe. A lock symbol will also prove that the website is protected.

  • Turn off automatic login on your device. This will prevent it from automatically connecting to networks you’ve used before, including unknown twin networks.

  • Avoid making financial transactions or connecting to banking or credit card sites when using public WiFi.

  • Consider using a VPN. These can prevent online hackers from monitoring your online activity, even if you end up on a twin WiFi network.

Keep scrolling for more!

Beware of this new Gmail AI scam – Here’s how to keep your account safe

The best ways to manage your money with less worry and more peace of mind

There’s a Blackmail Email Scam Flooding Inboxes Everywhere – Here’s How to Protect Yourself