consumer

Beware of the ‘Evil Twin' Wi-Fi scam

NBC Universal, Inc.

Sit back, relax, and look out for hacking. That’s what airline pilots worldwide might as well be saying on the public address system during your next flight. An old tech scam was found flying high in a new home: passenger jets.

News outlets in Australia broke the story over the summer. Australia’s equivalent of the FBI arrested a man. Investigators accuse him of stealing airline passengers’ personal information while they were on a flight, using what’s called “Evil Twin” Wi-Fi.

“It’s extremely easy,” said Adrianus Warmenhoven, a Nord VPN security adviser and a longtime tech guru. 

Warmenhoven explained that “Evil Twin” Wi-Fi is an impostor that copies the name of Wi-Fi you trust – and your phone remembers. Think of places like airports, hotels, or coffee shops. Warmenhoven said pretenders were an issue with early Wi-Fi, but the threat died. 

The Australia case added new twists. Investigators say the man they arrested got on several flights where passengers were sitting ducks. Detectives say the man had a small, portable Wi-Fi hotpot that he named exactly the same as the airport Wi-Fi. So, once the plane took off and passengers switched to airplane mode, their phones connected to the impostor Wi-Fi, thinking they were re-connecting to the airport Wi-Fi. 

“It’s not hard to do,” Warmenhoven explained. 

Next, Australian police said the “Evil Twin” Wi-Fi instructed people to log in for internet access using their social media or email passwords. Some did, allegedly giving the suspected scammer their usernames and passwords, which are critical ingredients for identity theft. 

“A lot of companies will never, ever meet you physically. They will only meet you digitally. And if I can get your digital identity, I am you,” Warmenhoven explained. 

The Australian arrest is regarded as a first. Some U.S. airports are on alert. The San José airport said it “is aware of the incident.” Oakland’s Airport said, “We are aware of recent events involving airports and are monitoring the situation very closely.”

You need to be aware, too. 

“Humans are the weakest link in this. This is a revival of that attack,” Warmenhoven said. 

“Evil Twin” Wi-Fi can pop up anywhere and spoof any Wi-Fi network you’ve ever connected to. 

Your smartphone probably has a long list of public Wi-Fi networks, such as airports, stores and libraries. It will automatically reconnect to those, even if it’s an “Evil Twin.”

So, tell your phone to forget those. Go to your Wi-Fi settings, find the list of networks and swipe to “forget.” Delete any public networks, like airports, stores and libraries. Then, only connect when you see a network you know. 

“Once you’re done using a public Wi-Fi, change your device settings to ‘forget network,’” said Australian Federal Police Detective Andrea Coleman.

As an extra layer of protection, Australian police recommend security software. 

“Consider installing a virtual private network to encrypt and secure your data,” Coleman said. 

One more option: do a 180 with Wi-Fi. Most of us leave it on by default. Consider leaving it off by default. Then, only turn it on when you see a network or hotspot you know you trust. Yes, it’s an extra step. But it is key to keeping yourself one step ahead of an “Evil Twin” scammer. 

Have a consumer complaint? Let us know so we can help.

Contact Us