{"id":24801,"date":"2024-07-01T09:10:17","date_gmt":"2024-07-01T17:10:17","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2024\/07\/01\/news-18531\/"},"modified":"2024-07-01T09:10:17","modified_gmt":"2024-07-01T17:10:17","slug":"news-18531","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2024\/07\/01\/news-18531\/","title":{"rendered":"Personal data stolen from unsuspecting airport visitors and plane passengers in \u201cevil twin\u201d attacks, man charged"},"content":{"rendered":"\n<p>The Australian Federal Police (AFP) have charged a man for setting up fake free WiFi access points <a href=\"https:\/\/www.afp.gov.au\/news-centre\/media-release\/man-charged-over-creation-evil-twin-free-wifi-networks-access-personal\">in order to steal personal data from people<\/a>. <\/p>\n<p>The crime was discovered when an airline reported a suspicious WiFi network identified by its employees during a domestic flight. When the alleged perpetrator landed at Perth airport, his bags were searched and authorities found a portable wireless access device, a laptop, and a mobile phone in his hand luggage.<\/p>\n<p>The police say that the man, 42, used a portable wireless access device to create \u2018evil twin\u2019 free WiFi networks; so called because criminals set up free WiFi access points that mimic the name of legitimate public WiFi networks. <\/p>\n<p>When people tried to connect their devices to the free WiFi networks, they were taken to a fake webpage requiring them to sign in using their email or social media logins. Those details were then allegedly saved to the man\u2019s devices.<\/p>\n<p>The email and password details harvested could then be used to access more personal information, including bank accounts, emails and messages, photos and videos, and more.\u00a0<\/p>\n<p>AFP cybercrime investigators have identified data relating to the use of the alleged fraudulent WiFi pages at airports in Perth, Melbourne and Adelaide, on domestic flights, and at locations linked to the man\u2019s previous employment.<\/p>\n<p>The investigation is ongoing but the man can expect to face nine charges for the alleged cybercrime offences.<\/p>\n<p>&#8216;Evil twin&#8217; attacks are a type of \u201c<a href=\"https:\/\/www.malwarebytes.com\/glossary\/man-in-the-middle-mitm\">machine-in-the-middle<\/a>\u201d attack, where all traffic is routed through a server under the attacker&#8217;s control, giving them access to all of the submitted information.<\/p>\n<p>Cybercriminals favour places where people expect to have free WiFi, such as airports, planes, coffee, shops, and libraries. The attacker finds the legitimate network name\u2014known as the <a href=\"https:\/\/www.malwarebytes.com\/what-is-an-ssid\">SSID (service set identifier)<\/a>\u2014and creates an access point with the same name.<\/p>\n<p>Access points and wireless router networks broadcast their SSIDs to identify themselves, but the identifiers are not unique. Your device can connect to any SSID if the network has no security options enabled, and it will not be able to differentiate between the legitimate and the fake one.<\/p>\n<p>Evil twin attacks are based on the fact that when two networks have the same SSID and security settings, your device will either connect to the one with the strongest signal or the one it sees first.<\/p>\n<h3 class=\"wp-block-heading\" id=\"h-how-to-stay-safe-from-evil-twin-attacks\">How to stay safe from evil twin attacks<\/h3>\n<p>There are a few things you can do to protect yourself against this kind of attack.<\/p>\n<ul>\n<li>Firstly, do not allow your device to auto-connect to public or unsecure networks. See below on how to turn this off.<\/li>\n<li>Look out for unexpected behavior. To connect to a free WiFi network, you shouldn\u2019t have to enter any personal details\u2014such as logging in through an email or social media account.<\/li>\n<li>Install a <a href=\"https:\/\/www.malwarebytes.com\/vpn\">trusted VPN<\/a> to encrypt the traffic regardless of the network you are using, and even when you\u2019re not visiting websites that <a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2018\/05\/https-why-the-green-padlock-is-not-enough\">HTTPS (Hypertext transfer protocol secure)<\/a> which encrypts the traffic between a browser and the website.<\/li>\n<li>And my personal favorite: Use your own personal hotspot. I use a portable 5G Mifi router, which provides me with reliable high-speed WiFi throughout my domestic journeys.<\/li>\n<\/ul>\n<h3 class=\"wp-block-heading\">How to disable auto-connect<\/h3>\n<p>When you\u2019re travelling it may be safer to disable auto-connect on Wi-Fi altogether.<\/p>\n<p>On Android it works roughly like this (steps may be slightly different depending on your Android version, device type, and vendor):<\/p>\n<p><strong>Settings<\/strong> &gt; <strong>Network &amp; Internet<\/strong> (or <strong>Connections<\/strong>) &gt; <strong>Wi-Fi<\/strong> &gt; <strong>Wi-Fi preferences<\/strong> (or <strong>Advanced<\/strong>). Toggle off <strong>Connect to public networks<\/strong>.<\/p>\n<p>On iOS  you can disable auto-connect by doing this:<\/p>\n<p><strong>Settings<\/strong> &gt; <strong>Wi-Fi<\/strong>. Tap the <strong>(i)<\/strong> next to the network name and then toggle off <strong>Auto-Join<\/strong>.<\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\" \/>\n<p><strong>We don&#8217;t just report on threats &#8211; we help safeguard your entire digital identit<\/strong>y<\/p>\n<p>Cybersecurity risks should never spread beyond a headline. Protect your\u2014and your family&#8217;s\u2014personal information by using <a href=\"https:\/\/www.malwarebytes.com\/identity-theft-protection\">identity protection<\/a>.<\/p>\n<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2024\/07\/personal-data-stolen-from-unsuspecting-airport-visitors-and-plane-passengers-in-evil-twin-attacks-man-charged\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p> An Australian man was arrested for alleged evil twin attacks. What are they and what can you do about them? <\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[31596,31597,11232,32,5897,6273],"class_list":["post-24801","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-auto-connect","tag-evil-twin","tag-hotspot","tag-news","tag-privacy","tag-wifi"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24801","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=24801"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24801\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=24801"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=24801"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=24801"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}