An evil twin is a fake Wi-Fi access point that imitates a legitimate network in order to intercept user data. It impersonates a genuine Wi-Fi network by copying its name (SSID) and characteristics.
Features
- CATEGORY : π΄ " type attackMan-in-the-Middle"(MITM)
- FREQUENCY : 🔥🔥🔥
- DANGEROUS : ππππ
- DIFFICULTY OF ERADICATION : 🧹🧹🧹🧹
How it works
- The attacker creates an access point with a stronger signal than the original one
- It configures its network with the same name as the target
- Devices automatically connect to the strongest signal
- The attacker intercepts traffic between the user and the Internet
π₯ Consequences
- Theft of login details
- Interception of banking data
- Theft of personal information
- Infection by malware
- Identity theft
π Protection and remedies
- Systematic use of a VPN
- Avoid automatic connection to Wi-Fi networks
- Check network authenticity (MAC address)
- Favour 4G/5G connections in public places
- Use intrusion detection solutions
- Training users in good practice
π Figures and statistics
π«π· In France
- Around 20 % of Wi-Fi attacks in 2023 involved evil twins
π Worldwide
- 24 % of public Wi-Fi access points are vulnerable
- 89 % of users connect to public Wi-Fi networks without verification
- Attacks by evil twins increased by 35 % between 2022 and 2023
