“ We Twinnem… ”

Handsome Hacker is back with another scandal and this one is very treacherous. Have you ever been in a shopping centre or hotel lobby *wink* *wink* and seen the same wifi name come up twice, and you’re unsure of which one to select? Well, this is a trick that hackers use to steal our precious data.

The attack is called the evil twin attack. This is where hackers steal sensitive data by creating fake wi-fi access points. Hackers will make the wi-fi appear to be legitimate by using the same SSID* (basically the same wi-fi name) as another wi-fi access point that we are familiar with – see the picture below. It’s easy to get tricked by this, seeing as it’s difficult to tell the difference between the two access points. Besides, we love to stay connected to the internet, so in places where 4G is weak, we all turn to the free wi-fi spots and this is where we can easily fall into the trap.

Fun Fact: Wi-Fi doesn’t actually stand for anything. 

First of all, when connecting to public wi-fi, try to avoid logging into your online banking, performing online shopping transactions, and signing into your email account. The main issue with this is that you won’t have a clue that you’re connected to the hackers wi-fi point, therefore the hacker can monitor your actions, see the details you’ve entered, use them for their personal gain, and then save them. Let’s look into this in a bit more detail.

Look how easy it is to use your phone as a hotspot. A hacker can do the same but just change the wifi name. A lot of devices are unable to tell the difference between a fake and a real wi-fi point, which is a big problem that needs to be addressed. With this in mind, the hacker will create a hotspot and a phishing site. Once the user is connected and has successfully logged into the phishing site, the hacker can now see the traffic and steal the data entered by the victim. The victim thinks they are on the real website but they are really on the phishing site. But thats not all, the hacker can do even more (as if stealing my data isn’t enough), like infecting your computer with key loggers**. Once key loggers are on your system, your data can easily be retrieved by the hacker. As soon as the attacker has done their work, they’ll simply disconnect you from their wi-fi and use your details to steal even more information, or even sell it. One way to fight this is by using a VPN as this will encrypt the data making it hard to read in the first place. But ultimately, the worst thing about all of this is that it’s very hard to spot when this attack has occurred.

I for one know how annoying it is when you’re in a place with no signal and the wi-fi is taking ages to connect, and even when you’re connected it’s so slow. By simply being more vigilant when connecting to public wi-fi and following the ‘Tips with T’ section, you can better protect yourself from these attacks. Hope you found this blog useful!

‘Tips with T’

– Avoid using public wi-fi that is not secure – Use a VPN – Avoid online banking when connected to public wi-fi

Love & Guidance

TT