Wireless is a useful technology that has been quickly growing for years and is now widespread almost everywhere we go. It enables users and their devices to simply and wirelessly reach the internet.
Despite the dependence on this technology that has appeared in recent years, the normal user is unaware of how it works and unaware of the several security vulnerabilities they subject themselves to when using it.
While great improvements have been performed to secure wireless communications, such as WEP, WPA2, and WPS, the truth is that they are still all breakable. Moreover, they only work to secure the data going between the user’s device and the access point. The Evil Twin attack provides the attacker a method for getting sensitive user data.
Instead of targeting and attacking the wireless access point to infiltrate a network, the attacker simply fools the user into connecting to a malicious network. A normal user is unaware of what happens when they connect to a wireless network. They know enough to decide something is wrong if their wanted website does not load. But, even if their websites do not load, they regularly assume their hardware is at fault and proceed to restart their routers.
WiFi devices are generally configured to autoconnect to open or known networks. This mixture of expected human behaviour and the use of protocols that are easily trusted results in a very exploitable attack vector.
An evil twin is a fraudulent Wi-Fi access point that appears to be legitimate, set up to eavesdrop on wireless communications. The evil twin is the wireless LAN equivalent of the phishing scam.