Australian Man Arrested for “Evil Twin” Wi-Fi Scam Targeting Travelers


An Australian man faces charges for setting up fake Wi-Fi networks (“evil twins”) to steal data from unsuspecting travelers at airports. These networks mimic real airport or airline Wi-Fi, tricking users into connecting and exposing logins, browsing history, and more.

The Australian Federal Police (AFP) have arrested a 42-year-old man from Western Australia for allegedly setting up fake Wi-Fi networks to steal personal data from unsuspecting travelers. This cybercrime tactic, known as an “evil twin,” is often highlighted when discussing the dangers of using public Wi-Fi.

What is an Evil Twin Scam?

An “evil twin” scam, involves creating Wi-Fi network names that mimic legitimate airport or airline Wi-Fi hotspots. When users connect to these fake networks, their personal information, such as login credentials and browsing data, can be intercepted by malicious third parties including cybercriminals, scammers and spies.

The Investigation and Arrest

According to The AFP’s press release, the investigation began in April 2024 after a concerned airline employee reported a suspicious Wi-Fi network identified on a domestic flight. Following the tip from the airline, AFP investigators discreetly monitored the suspect and his activities.

On his return to Perth Airport from an interstate flight in April, the man’s luggage was searched, revealing a portable wireless access device, a laptop, and a mobile phone. The man used that portable device to create the fake Wi-Fi networks.

These networks would likely have been given names similar to those offered by airports or airlines, tricking unsuspecting travelers into connecting. Once connected, the suspect could potentially steal a variety of data, including:

  • Browsing history
  • Personal information entered on websites
  • Login credentials for email, social media accounts, and banking services

Further examination of these devices, along with a search warrant executed at the man’s residence. Based on the evidence, the AFP arrested the man at his home in May 2024. He is facing multiple cybercrime charges, including unauthorized access to restricted data and creating fake access points.

Protecting Yourself from Evil Twin Scams

The AFP has used this case to highlight the dangers of unsecured Wi-Fi networks and the importance of practising good cyber hygiene when traveling. They advise travelers to:

  • Avoid unencrypted networks: Look for Wi-Fi networks that are encrypted (indicated by a padlock symbol next to the network name).
  • Use a Virtual Private Network (VPN): A VPN encrypts your internet traffic, making it more difficult for hackers to intercept your data.
  • Be wary of network names: Don’t connect to networks with generic names or names that differ slightly from legitimate airport or airline Wi-Fi.
  • Disable automatic Wi-Fi connection: On your devices, disable the automatic connection to Wi-Fi networks to avoid connecting to untrusted networks unintentionally.

Wireless Router security: How to set up a WiFi router securely

WiFi software management firm exposed millions of users’ data

Emotet Trojan now exploits WiFi networks to infect nearby devices





Source link