Evil Twin Attack – A WiFi Cyber Security Threat You Should Know About


Page Content

WiFi is everywhere nowadays. How do you know if the WiFi network you are on is safe and secure? The truth is it is very hard to tell whether a network is secured when you are connecting to it in a coffee shop, hotel, airport or even your neighbor’s house.

Wireless networks have been subjected to an attack called the “Evil Twin Attack”. An Evil Twin attack is a fraudulent WiFi access point that looks to be a legitimate set up, but it actually eavesdrops on wireless communications. As far as wireless LAN goes, this is the equivalent of an email phishing scam. It is very hard to detect and you need to be on your toes at all times. The Evil Twin attack is designed to steal passwords of unsuspecting users by monitoring connections or phishing, which involves a fake website and luring people to the location.

So, how can this tactic obtain your information?

After you are lured onto the bogus wireless access point, the hacker will prompt you to enter sensitive information, making it look like you need to connect to the wireless internet. Once, your information is entered, the hacker has access to every website you go to that is unsecured (non-HTTPS). For example; when you log into an unsecured bank or email account, the attacker interrupts the transaction and sends it through their equipment, which gives them all the information they need to access your accounts later. This Evil Twin attack can be set up to pass internet traffic through to the legitimate access point while monitoring the victims connection, or it can produce a message that says the system is temporarily unavailable after the hacker obtains a username and password.

video by AARPWashington

Great, now I am terrified. How do I protect myself?

There are a number of ways to protect yourself from this wild new cyber security threat.


      1. Don’t use free public WiFi.


            1. Typically, free WiFi is not the most secured internet option.

        1. Patch your personal router.


              1. Yes, your router could use an update just like your phone or computer. Contact your internet service provider or your router manufacturer to find out how to check for available patches.

          1. Save financial transactions/sensitive website usage for a secured internet connection.


                1. Banking and online shopping should be done at home, not from a hotel room…

          If that didn’t scare you enough, the number of sensitive data breaches seem to be increasing daily. You need to do what you can to protect yourself from cyber criminals that are out to ruin you day. For advice and tips about how to protect yourself from the next big cyber-attack, contact Succurri to learn how we can help you and your business.


          Want to learn more about what a Managed Security Services Provider is? Listen to Succurri partner, Grant Eckstrom, and Fractional CMO, Tony Lael, discuss the topic in more depth in this video.


          Learn how to do some amazing things with computers

          A little introduction to doing stuff with computers that you wouldn’t know without reading this book.
          Schedule a Call with Us

          You’ll be able to select a time to discuss any IT support needs with us.

          Sarah W
          Sarah W.

          Phoenix Consultant

          More Articles

          At Succurri our Quarterly IT Performance Review with Clients is a critical process for assessing

          An IT dashboard for business executives should provide clear and concise visualizations of data and

          Patch management software is a critical component of IT systems management that ensures your software

          Submit a new Support Ticket