"Evil twin" wireless hotspots are the latest security
threat to web users, said cybercrime experts at Cranfield
University.
Evil twin is the term used to describe rogue wireless hotspots
set up by hackers near legitimate hot spots. They are considered a
serious threat, as users could connect to the internet via the
hacket’s wirless connection, rather than the legitimate
connection.
Dr Phil Nobles, wireless internet and cybercrime expert at the
university, said, “'Evil twin' hotspots present a hidden danger for
web users. Users think they've logged on to a wireless hotspot
connection when, in fact, they’ve been tricked to connect to a
hacker’s unauthorised base station.”
Nobles said the hacker jams the connection to a legitimate base
station by sending a stronger signal within close proximity to a
wireless access point - thereby turning itself into an "evil
twin".
Once the user is connected to the "evil twin", the cyber
criminal can intercept data being transmitted, such as bank details
or personal information.
Nobles said, “Cyber criminals don’t have to be that clever to
carry out such an attack. Because wireless networks are based on
radio signals, they can be easily detected by unauthorised users
tuning into the same frequency.”
Unwitting web users are invited to log in to the attacker’s
server with bogus login prompts and can pass on sensitive data such
as user names and passwords which can then be used by unauthorised
third parties.
This type of cyber crime goes largely undetected because users
are unaware that this is taking place until well after the incident
has occurred.
Prof Brian Collins, head of the information systems department
at Cranfield, said: “Web users who use Wi-Fi networks should be on
their guard against this type of cyber crime.
“Given the spread and popularity of public wireless internet
networks - which, according to analyst IDC, are predicted to
increase in number from 7,800 now to nearly 22,000 by 2008 - users
need to be wary of using their Wi-Fi enabled laptops or other
portable devices to conduct financial transactions or anything of a
sensitive or personal nature.”
Users can help protect themselves from such attacks by using a
personal firewall on their laptop or mobile device. That way, they
will be told who is trying to access their device during the log-in
process and during their surfing session.