"Evil twin" wireless hotspots are the latest security threat to web users, said cybercrime experts at Cranfield...
Evil twin is the term used to describe rogue wireless hotspots set up by hackers near legitimate hot spots. They are considered a serious threat, as users could connect to the internet via the hacket’s wirless connection, rather than the legitimate connection.
Dr Phil Nobles, wireless internet and cybercrime expert at the university, said, “'Evil twin' hotspots present a hidden danger for web users. Users think they've logged on to a wireless hotspot connection when, in fact, they’ve been tricked to connect to a hacker’s unauthorised base station.”
Nobles said the hacker jams the connection to a legitimate base station by sending a stronger signal within close proximity to a wireless access point - thereby turning itself into an "evil twin".
Once the user is connected to the "evil twin", the cyber criminal can intercept data being transmitted, such as bank details or personal information.
Nobles said, “Cyber criminals don’t have to be that clever to carry out such an attack. Because wireless networks are based on radio signals, they can be easily detected by unauthorised users tuning into the same frequency.”
Unwitting web users are invited to log in to the attacker’s server with bogus login prompts and can pass on sensitive data such as user names and passwords which can then be used by unauthorised third parties.
This type of cyber crime goes largely undetected because users are unaware that this is taking place until well after the incident has occurred.
Prof Brian Collins, head of the information systems department at Cranfield, said: “Web users who use Wi-Fi networks should be on their guard against this type of cyber crime.
“Given the spread and popularity of public wireless internet networks - which, according to analyst IDC, are predicted to increase in number from 7,800 now to nearly 22,000 by 2008 - users need to be wary of using their Wi-Fi enabled laptops or other portable devices to conduct financial transactions or anything of a sensitive or personal nature.”
Users can help protect themselves from such attacks by using a personal firewall on their laptop or mobile device. That way, they will be told who is trying to access their device during the log-in process and during their surfing session.