Evil Twin is the hacker attack that fools even the most experienced
Not even the summer break prevents hackers from continuing to perpetrate their attacks, indeed many take advantage of the heat and distraction of those who are relaxing on vacation to hit their victims. It is precisely in this period, starting from the premises just outlined, that there is an increase in attacks known as "Evil Twin". Basically, with Evil Twin, users are tricked into connecting to fake Wi-Fi access points, that is, they mimic legitimate networks, but instead allow attackers to hack the connected device.
"The Evil Twin attacks are named for their ability to mimic legitimate Wi-Fi networks, such as that of a café, airport, public park, and are nearly impossible to identify. " Massimo Grandesso, Managed Detection & Response BL Manager of Innovery, a company specialized in ICT and cybersecurity, explains. "Once the user connects to the malicious network, he will find himself completely at the mercy of the criminal, who will have access to all the pages on which the victim will browse. If from an illegitimate network, for example, we were to access our bank account, or work network, all this data could easily be hacked, including company credentials. This type of attack is not limited to computers alone but any tool that connects to the wireless network, such as mobile phones and tablets, is vulnerable. "
We don't have to let our guard down even on vacation
Once a known location with free Wi-Fi has been identified, the malicious operator just needs to make a note of the SSID , configure an account of the same name and set up a page where users will have to provide basic data or a password to access the network, known as a "captive portal", which will be quite difficult, if not impossible, to identify as bogus.
In a period like this, in which smart working is still widespread, it is very likely that several workers may find themselves connecting to public networks, even during the holidays, perhaps to check the company email. And public Wi-Fi networks, generally unencrypted, become a very high risk factor.
Innovery has shared some useful tips to avoid running into unpleasant situations like this:
Avoid Unsecured Wi-Fi hotspots Use a VPN to protect traffic: A virtual private network can help protect against an Evil Twin attack by encrypting data before a hacker sees it Connect only to HTTPS websites: when using a public network , be sure to visit HTTPS websites only. These sites offer end-to-end encryption, making it harder for hackers to monitor their activity while using them Use two-factor authentication - Adding 2FA to your private accounts is a great way to prevent hackers from accessing them . Even if a hacker were to obtain login credentials, two-factor authentication would prevent them from properly accessing the target account.
"The Evil Twin attacks are named for their ability to mimic legitimate Wi-Fi networks, such as that of a café, airport, public park, and are nearly impossible to identify. " Massimo Grandesso, Managed Detection & Response BL Manager of Innovery, a company specialized in ICT and cybersecurity, explains. "Once the user connects to the malicious network, he will find himself completely at the mercy of the criminal, who will have access to all the pages on which the victim will browse. If from an illegitimate network, for example, we were to access our bank account, or work network, all this data could easily be hacked, including company credentials. This type of attack is not limited to computers alone but any tool that connects to the wireless network, such as mobile phones and tablets, is vulnerable. "
We don't have to let our guard down even on vacation
Once a known location with free Wi-Fi has been identified, the malicious operator just needs to make a note of the SSID , configure an account of the same name and set up a page where users will have to provide basic data or a password to access the network, known as a "captive portal", which will be quite difficult, if not impossible, to identify as bogus.
In a period like this, in which smart working is still widespread, it is very likely that several workers may find themselves connecting to public networks, even during the holidays, perhaps to check the company email. And public Wi-Fi networks, generally unencrypted, become a very high risk factor.
Innovery has shared some useful tips to avoid running into unpleasant situations like this:
Avoid Unsecured Wi-Fi hotspots Use a VPN to protect traffic: A virtual private network can help protect against an Evil Twin attack by encrypting data before a hacker sees it Connect only to HTTPS websites: when using a public network , be sure to visit HTTPS websites only. These sites offer end-to-end encryption, making it harder for hackers to monitor their activity while using them Use two-factor authentication - Adding 2FA to your private accounts is a great way to prevent hackers from accessing them . Even if a hacker were to obtain login credentials, two-factor authentication would prevent them from properly accessing the target account.