Travel wifi – Beware of the evil twin
I came across something the other day that is interesting for those who use wifi while traveling.
There is an attack known as an ‘evil twin’ attack. The attacker creates a wifi host with a name similar to, or the same as, that used by a hotel, cafe or other hotspot. They broadcast from a location near the real hotspot. In some cases, they might have disabled the real hotspot.
Unsuspecting users connect to what they think is a legitimate wifi access point. In reality, they are simply being redirected BUT, everything they do, including credit cards and passwords, can be recorded.
The attacker doesn’t need sophisticated equipment. They could simply have a laptop in their briefcase.
The danger in this type of attack is that it is difficult to detect, even for relatively sophisticated users. There are a few things that you can do to lessen your vulnerability:
- Be aware that ‘evil twin’ attacks can occur.
- Minimize access to sites with sensitive information while using public wifi (including wifi at hotels)
- Never use the same ID and password for all of your websites. In fact, every site you use should have it’s own unique code. If the perpetrator of an evil twin gets your ebay id/pw and you use the same id/pw for paypay, you are compromised. (All, they need to do is try the ID/PW combo that they get from one site you visit on other major sites)
- Pay attention to the urls in the address bar. Double check to make sure that the address is exactly way you want.. ie www.paypal.com and not something like www.paypa1.com
- It would be a good idea to change the passwords for sensitive accounts that you access while traveling before and after your travels (and maybe even during the travel). This is a bit of work but it could minimize the damage.
- If you use a web based email client, see if there is an option for a secure login. Keep in mind that this provides only a minimal amount of additional security.
- Make sure that you know how to set your firewall so that any wireless connection is listed as ‘untrusted’. Again, this does not provide a lot of additional security but it will help a bit.
Here is one tip that is worth listing seperately: Use a cellular card instead of wifi. You can get ‘unlimited’ cellular broadband for about $70/month. Cellular broadband keeps your communications on your carrier’s network. It cannot be spoofed the same way as wifi. Keep in mind that there are some allegations that certain providers will drop you if they believe you are using too much bandwidth
At some point, there will have to be some means of positively identifying the wifi connection that you are using. Until a workable system is found, it pays to be prudent, or even paranoid.
- Google is grabbing Wifi SSids and Mac addresses in Germany – Translation – Uh Uh privacy
- Oops – Google password system might be hacked
- Cheap Hosting and Identity Theft
- Summer travel time – Virtualize your office for offsite access.
- It’s Fishing and Phishing season again!!
- Verizon Wireless Droid X hotspot worse than useless
- More on Poor Man’s Exchange
- Update on Hotel wireless.. Another DUH-OH moment