Want to get my easy to follow Tech Tips in your email?
Sign up for my daily Rick’s Tech Tips Newsletter!
Have you ever used a hotel’s secure Wi-Fi network while staying there as a guest?
How about the secure Wi-Fi network that serves the building you work in – or even the network at your church?
Many of us routinely use these types of secured Wi-Fi networks without giving them a second thought, because…well, they’re encrypted, and therefore safe, right?
As a general rule these secured networks are indeed safe and we can use them without having to worry about having our usernames, passwords and personal info being stolen.
But there’s also a danger with using hotel Wi-Fi networks that you need to know about…
Hackers and scammers are setting up “Evil Twin” Wi-Fi networks that mimic an establishment’s real, legitimate network. The scam works something like this:
Note: I’ll use a hotel setting in this example, but the scam works pretty much the same way at other types of venues (restaurants and campgrounds, for example).
Scenario: A hacker/scammer rents a room in a busy hotel, checks in, then sets up a temporary Wi-Fi hotspot using a Network ID similar to the one assigned to the hotel’s real Wi-Fi network.
When other guests at the hotel decide to go online, they see two (or more) Wi-Fi networks with very similar names: the hotel’s real, legitimate secured network(s) and the hacker’s fake, unsecure network(s).
If a guest attempts to log on to the hotel’s real network, they’ll be prompted for the access code. Once connected, they can use the secure Internet connection to conduct their online activities as usual without having to worry about having their info stolen.
But if a guest chooses the fake network, they won’t be asked to enter an access code. They’ll simply be automatically connected to the insecure network and many of their online activities will be transmitted back and forth in the open (i.e. unencrypted).
Meanwhile, the scammer is sitting in his/her hotel room logging the victim’s usernames, passwords, credit card info, mobile phone number and more. Any info that’s transmitted in the clear (i.e. not encrypted) can be intercepted by the scammer.
A variation of this scheme is for the hacker to set up a fake Wi-Fi network (again, with the same Network ID used by the legitimate network), but with a fake login screen that mimics the one used on the hotel network.
An unsuspecting guest will then “log in” to the fake network and use it while having a false sense of security because they were asked to input the access code that was supplied by the hotel. The problem is the access code they entered was a totally useless ruse and the network they’re using is actually insecure.
You can usually identify a secure (i.e. encrypted) Wi-Fi network by the presence of the little “lock” icon beside the network icon. Check out the example network icons below:
The network depicted by the icon on the left is encrypted. That means you’ll have to enter the access key (aka password) before you’ll be able to log onto the network and use it to access the Internet. But even then you have to be extremely careful…
If you’re able to enter the correct access key (the one supplied by the owner of the network) you’ll be able to log on and know that your information will be safely transmitted in encrypted format – IF you actually signed into the hotel’s legitimate network.
This is why it’s very important to pay attention and make sure you’re signed into the right network. The scammers are slick and they always choose a network name that’s extremely close to the name of the legitimate network. Pay attention to every letter in the network name and make sure it matches the name provided by the hotel, letter-for-letter.
The network depicted by the icon on the right is not encrypted. We know that because there’s no lock icon beside the network icon.
If you were to use the network on the right to access the Internet your personal information could well be transmitted in non-encrypted format (unless you were accessing a secure website), making it available to any hacker that happens to be monitoring that network’s traffic.
Bottom line: Any time you see two available Wi-Fi networks with very similar Network IDs, DO NOT connect to either one of them until you verify with 100% confidence which network is the actual legitimate network.
And finally, always remember that any time a network that’s supposed to be secure fails to ask you to input an access code, that network is either an “evil twin” or a legitimate network that isn’t set up properly (again, there won’t be a “lock” icon).
In either case, DO NOT use that network!