Fake wifi

👉 Overview

👀 What ?

Fake WiFi refers to a malicious tactic where cybercriminals set up false WiFi hotspots, often in public places, to trick people into connecting. Once connected, personal information and sensitive data can be intercepted and stolen.

🧐 Why ?

Understanding the concept of Fake WiFi is essential because it's a common cyber threat that can lead to data theft, identity theft, and other serious consequences. With the increasing use of public WiFi, the risk of falling victim to such attacks is high.

⛏️ How ?

To protect yourself from Fake WiFi, always double-check the name and authenticity of public WiFi before connecting. Avoid performing sensitive transactions over public WiFi and use a VPN for added security. Keep your devices updated and install a reliable security software.

⏳ When ?

The use of Fake WiFi as an attack method has been prevalent since the early 2000s, with the growing popularity of WiFi networks.

⚙️ Technical Explanations

An "Evil Twin" attack, also known as Fake WiFi, is a type of cyber attack where a malicious actor sets up a rogue WiFi access point that mimics a legitimate one. Often, these rogue access points are given names similar to legitimate networks to trick users into connecting. Once a user connects to the fake WiFi network, the attacker can launch a Man-in-The-Middle (MitM) attack. In a MitM attack, the attacker intercepts and potentially alters the communication between the user and the intended recipient without either party knowing. This allows the attacker to gain access to sensitive information such as login credentials, credit card numbers, and personal data. To protect against such attacks, individuals should use encryption, two-factor authentication, and secure network protocols. Furthermore, they should ensure they are connecting to legitimate networks, avoid performing sensitive transactions over public WiFi, use a VPN for added security, and keep their devices updated with the latest security patches.

Let's say you're in a coffee shop and you see two WiFi networks: "CoffeeShopWiFi" and "CoffeeShopWiFi_Free". The second one (the "Evil Twin") is set up by a cybercriminal to mimic the legitimate "CoffeeShopWiFi" network. Here's a step-by-step example of how an attack could occur:

1. You connect to "CoffeeShopWiFi_Free", thinking it's a free version of the legitimate network.
2. The attacker, now having control over your connection, can monitor your online activity. They can employ a software like Wireshark, a network protocol analyzer that can capture and interactively browse your network traffic.
3. If you visit non-HTTPS websites or enter sensitive information, the attacker can capture this unencrypted data. For example, if you log into a banking website, the attacker can capture your username and password.
4. The attacker can also potentially alter your communications, redirecting you to malicious websites or injecting malware into your device.

To protect yourself from such attacks, follow these steps:

1. Be wary of any network that doesn't require a password, especially those with similar names to legitimate networks.
2. Use a VPN, which encrypts your online activity, making it incomprehensible to anyone who might intercept it. A command to start a VPN could look like: vpnclient start YourVPNProfileName.
3. Enable two-factor authentication on your accounts, providing an additional layer of security. Even if an attacker captures your password, they would also need the second factor (like a code sent to your phone) to access your account.
4. Keep your device updated, as updates often include security patches. On a Linux system, you can update your system with the command sudo apt update && sudo apt upgrade.
5. Avoid entering sensitive information when connected to public WiFi.

🖇️ Références