What is an Evil Twin Attack?

How an evil twin attack works: step-by-step  

Evil twin cyber attacks work by getting someone to believe that they are connecting to a legitimate public Wi-Fi network. To make their attack believable, hackers generally follow these steps:  

Step 1: Choose a location with free Wi-Fi

First, they need a busy location that already offers free Wi-Fi, like an airport or cafe. Generally, they look for a place that has multiple access points to make it easier for their network to go unnoticed.  

Step 2: Set up a Wi-Fi access point

Next, the hacker will set up a new hotspot that uses the same Service Set Identifier (SSID) as the free, public Wi-Fi network. This makes it almost impossible for connected devices to tell if they are on a fake or legitimate connection.  

This setup can be done from almost any device too–phones, laptops, tablets, portable routers. Sometimes, hackers will even use a Wi-Fi Pineapple to allow for a broader range.  

Step 3: Create a fake portal page

If you’ve used public Wi-Fi, you’re likely familiar with the sign-in or optin pages that public Wi-Fi networks have. To make their network look more legit, evil twin hackers will often create a fake portal page where users have to log in to use their network.  

This creates an opportunity for hackers to collect your passwords and other log in information that you may use on a regular basis. And, if the hackers know what they are doing, they can create a login page that is identical to the legitimate network’s portal page, making it impossible to tell the difference between the fake and real versions.  

Step 4: Stay close to potential victims

As people use their devices in public spaces, they generally want Wi-Fi connections with stronger signals. Hackers will use this to their advantage by setting up their devices closer to potential victims. The closer they are, the stronger their Wi-Fi signal will be. Some devices even default to connect to stronger connections automatically.  

Step 5: Monitor & steal data

Once a user connects to the evil twin network, the hacker can monitor their activity and steal information that gets entered into log-ins, order forms, and more. If you log into your bank account or enter your credit card information on an online store website, the hacker can see this information and steal it.  

How to protect yourself from an evil twin attack

As we’ve seen, evil twin attacks can be almost impossible to identify, but here are several steps you can take to protect yourself from hackers.  

Avoid unsecured Wi-Fi networks

If you are going to use a free Wi-Fi network, make sure it is secured. Evil twin networks are almost always unsecured. There should be a designation next to each available Wi-Fi network that indicates whether it is secure or not. Secure networks usually involve asking an employee or manager for the Wi-Fi password.  

Use your own hotspot

One of the safest ways to go online in public spaces is to avoid public networks altogether and use your own hotspot or data. Ensure you have a password on your hotspot so others can’t access it.  

Use a VPN

A VPN encrypts your data before the hacker is able to see it. When you enter private information on any Wi-Fi network while using a VPN, your data gets encrypted to prevent those who may be monitoring the network from seeing your information. Download a reliable VPN on your devices for additional security against hackers.  

By using Clario’s VPN, you can:

• Protect your personal data from hackers
• Anonymize your online activity
• Access content from around the world

Here are some instructions for using Clario’s VPN:  

1. Download Clario and take advantage of a free 7-day trial to set up an account

2. Go to the home screen on the app and toggle the switch on next to Browsing protection

3. If desired, change your location by tapping the location below Browsing protection and selecting the location you want

You’re all set for seamless and private browsing. See what locations are best to connect to here.

Turn off autosaves for Wi-Fi networks

Don’t let your device save public Wi-Fi networks for automated connections.If your device is set up to connect automatically to previous Wi-Fi networks, you open yourself up to evil twin attacks. Disable this feature to be more mindful of the networks you connect with.  

Don’t log into private accounts on public Wi-Fi

When using public Wi-Fi, don’t log into private accounts. Logging into these accounts while on an evil twin network allows hackers to access your passwords.  

Only use secure websites

Only use websites that are marked as secure. This is indicated by the lock icon in the search bar next to the URL of the website. If the website has https in the URL, that also means it is secure.

Use two-factor verification

Even if a hacker gains access to your passwords, with two-factor verification on your accounts, it makes them much more difficult to access.

Why are evil twin attacks so dangerous?

Evil twin attacks are dangerous for a few reasons:

• It is often impossible to tell the difference between a legit network and an evil twin network.
• They allow hackers to access your device, meaning they can access login credentials and other private data like social security and financial information.
• Hackers have the opportunity to insert malware on your device.
• You only realize you’ve been a victim of an attack after the hacker has performed unauthorized transactions or inserted malware.

What to do if you have been hacked with an evil twin attack  

If you’ve fallen victim to an evil twin attack and have suffered a data breach or financial loss, contact your bank or credit card company immediately to investigate and cancel any pending transactions. Depending on the features of your bank account, you may be able to seek reimbursements for financial loss.  

Also, be sure to change your passwords on your private accounts. If the attack is more severe in nature, you may also involve your local police department and submit a complaint to the FCC Consumer Complaint Center.  

Evil twin attacks aren’t the only method that cyber hackers use to steal sensitive information online. Clario offers reliable VPN and data breach monitoring for iOS and Android devices to ensure your security.  

Learn more about how to improve your cyber security with these resources:  

• What is Cyber Security and Why It Matters?  
• What is a Brute Force Attack? Types & Prevention Steps    
• What Is a Zero-Day Attack And How to Protect Yourself From It