When "Free Public Wi-Fi" Is Bad
January 21, 2008
You can catch more flies with honey--and hackers and phishers know this better than anyone. Learn how to protect yourself from honeypots and evil twins.
Honeypots (also known as "evil twins") behave much like carnivorous plants. They are set up by hackers who prey on unsuspecting Wi-Fi users by creating an AP that lures its victims by masquerading as a nice, safe source of something sweet (in this case, free Wi-Fi). Once the user has logged on, the honeypot clamps its sticky jaws shut and steals the user's sensitive data--often without the user even knowing it. Frequently, the trap is laid by broadcasting an SSID that says something as simple as "Free Public Wi-Fi."
However, just as you shouldn't accept a package from a stranger before boarding a plane, you shouldn't accept "free public Wi-Fi"--at least not without protecting yourself first. Since honeypots and evil twins are an ongoing threat, we've gathered together a few of our best articles on the subject. Read the stories below to learn more about honeypots and what you can do to avoid falling into this common trap:
The Caffe Latte Attack: How It Worksand How to Block It by Lisa Phifer
Getting Phished: Why SSID Spoofing (Still) Matters by Lisa Phifer
Foil Wireless Poachers and Have Fun Doing It by Carla Schroeder
DEFCON to Demo New Wi-Fi Hacks by Lisa Phifer
Researchers Lure Wi-Fi Hackers by Ed Sutherland
Stories compiled by Naomi Graychase. Naomi Graychase is Managing Editor at Wi-FiPlanet.