evil twin exploit

Evil Twin Spoofing – Bye Bye Passwords

Ever hear of this – Evil Twin Spoofing? Sounds quite weird but it’s a very simple way of stealing peoples accounts, passwords and basically their entire identity. So that you’re aware here’s a how it works. An identity Thief makes himself comfortable in an airline lounge or his local Starbucks and gets out his laptop. Instead of just then browsing like everyone else, he sets up his laptop as a wireless access point using some free software. He calls his Access Point something friendly and plausible – perhaps Starbuck-Free-Wifi for instance, they then sit and wait.

It won’t be long before people start connecting to this bogus access point and as long as it’s been set up correctly – IE to relay all connections through the legitimate wifi AP then noone will be any the wiser.

Why Would He do This ?

Hopefully you’re one step ahead of me by now, everyone who is using the bogus access point will be unaware that they’re sending every keystroke, every password and every account name they connect to through this computer. Checking their paypal account, buying something from the internet, online banking – anything vaguely like this and the identity thief has struck gold.

You’re not likely to find out straight away of course, depending on the skill of the online thief and what lengths he intends to go to. But likely when you visit the ATM and find your balance at zero or worse then you might find out. Be very careful when connecting to Public free Wifi anywhere if you do use it, either use a product like . or never check anything with a username or password.