close
close

iPhone and Android users warned about ‘evil twin’ attacks and how to stop them

Posted on by darion

Billions of people with iPhones or Android smartphones are being warned about an “evil twin” attack on their devices, and are being given key advice on how to protect themselves.

This dangerous threat threatens countless devices worldwide and has the potential to affect virtually every smartphone owner.

And unfortunately, you may have already fallen victim to such an attack without even knowing it. But what is an “evil twin” attack?

The Evil Twin Attack Explained

According to the experts at NordVPN, an “evil twin” attack is a cyberattack that is incredibly easy to come across.

“A hacker creates a fake Wi-Fi access point that imitates a real network and tricks users into connecting to it,” the document reads.

“Threat actors create these hotspots to infiltrate a device and gain unauthorized access to sensitive data.”

You are most vulnerable to these types of incidents in public places, such as coffee shops, shopping malls or airports, where you need to connect your device to the internet.

Once you connect to the fake network, everything you do on your device from that point on will be shared with the hacker and will go through their server.

This could affect you regardless of your device brand. (Jamie McCarthy/Getty Images for Android)

This could affect you regardless of your device brand. (Jamie McCarthy/Getty Images for Android)

How to Detect an Evil Twin Network

This can be a tricky part, since many fake Wi-Fi networks mimic real networks in their name. So it really comes down to being smart about the data you share on a public network.

“The attacker makes the evil twin visible to unsuspecting users. Devices previously connected to the network attempt to automatically connect to the evil twin,” NordVPN says.

“The hacker gains the ability to monitor the victim’s internet traffic and intercept personal information that users send over the network.”

The best way to spot a fake network is to check if there are two with the same name. And if you spot them, approach the staff if you can find them to tell which one is the real one. NordVPN also warns about the login screens after connecting. If you are asked for personal information at this point, it is a clear sign that you are falling victim to a scam if you continue.

“Legitimate networks typically do not ask for login credentials unless it is an authentication portal, such as at a hotel or airport,” he adds.

Anyone with a smartphone is at risk if they connect to such a network. (Getty Stock Image)

Anyone with a smartphone is at risk if they connect to such a network. (Getty Stock Image)

What to do if you fall victim to an evil twin attack

Disconnect your phone immediately and change your account passwords. And if you don’t have two-factor authentication (2FA) enabled, fix that problem.

Next, NordVPN recommends scanning your device for malware and closely monitoring your accounts for suspicious activity, such as fraudulent bank payments.

It goes on to recommend: “Avoid unsecure networks that don’t require a password to connect. This can protect you from evil twin attacks, eavesdropping, man-in-the-middle attacks, and malware distribution on your device.”