Working from home, remote work for companies and WiFi usage had increased ten-fold since the start of the pandemic a few months ago. More importantly, though, so have security issues – from viruses, all the way down the list to serious cyberattacks and ransomware attacks that have been costing companies thousands – and even some of the millions – of their hard-earned dollars, let alone customers due to data breaches. The culprit? When people have more freedom to connect to the internet, many of these telecommuters have been utilizing free WiFi, which has posed a huge security risk that even the FBI has been noticed – called the “evil twin attack.”
Table of Contents
What is an Evil Twin Attack?
This new attack is literally called “drive-by hacking,” and it’s growing in popularity more and more. With all of the hacking groups out there and those who have come into other countries (while belonging and reporting to these groups), many scammers and hackers have been able to get people to connect to their own WiFi hotspots and trick people into connecting to them.
When you connect to a hotel or other company’s “free WiFi” network, you are literally putting yourself at risk, and therefore, putting your company and other guest information at risk as well. The increase has become more popular now that hotels allow people to rent rooms throughout the country. Therefore, being in a public networked place may actually be more impactful on security than a regular home network.
Since guests cannot often control the security features of the WiFi public connection they’re using, and a criminal will create a duplicate WiFi network and then utilize this to steal people’s pertinent information, as well as company information, emails, passwords, and more. This cloned network is sometimes hard to detect, and when a guest logs into it, the attackers have direct access to their personal and business laptops.
Smaller hotels have even less security – and rarely ever change passwords for their customer’s WiFi. Not only that, but most hotel chains don’t have dedicated managed service providers or technical teams that are just sitting there monitoring their networks 24/7. If the hotel has older equipment (such as routers and modems), then this can cause even more problems because they themselves have a huge security risk in their hands.
How Can I Protect Myself Well?
There are ways that personal users who are working remotely can protect themselves. Some are the following:
Some users prefer a reputable VPN, although, in recent months, even they’re being targeted for serious cyberattacks and data breaches.
One thing you can do is to use the mobile hotspot on your mobile phone instead of the hotel WiFi. You often aren’t using your connection to watch streaming videos and movies. If you are, stop it (you’re just wasting your data plan and causing your slow speeds anyway).
Ensure that your computer or device has security protection and some of the best security features that can stop attackers in their tracks before they ever get in the door.
Look at the connection and confirm with the hotel manager or desk clerk that the connection you want to connect to is the official WiFi network you need to connect to.
Use the public WiFi setting on Windows (with added security) and disable file and printer sharing.
Turn off the auto-reconnect feature (Don’t choose to connect to the WiFi service automatically).
Always confirm that you are only visiting sites with a real SSL certificate (or when you go to the “authentication” agreement page for the WiFi, it should have one too). This should be an HTTPS connection.
Don’t go to websites when you’re connected to a public WiFi network such as banking sites, and whatever you do, don’t do anything online that requires you to enter pertinent information (such as your social security numbers, drivers license numbers, etc.)
Make sure that when you connect to the hotel’s WiFi network that your device is not discoverable on the network.
Ensure that you have security in place on certain accounts to verify that you are logging into them. That way, if it’s ever not you, you will know.
Final Thoughts
We already knew that many public WiFi networks were deemed unsafe. However, if you want the best in VoIP security services and business security, you need to treat your personal devices used for work as a work device. If you have a good team of information technology specialists at hand in your place of business, you may be able to talk to your fellow employees or employer and get the same security they have set up should you need to work remotely. This can include everything from VoIP apps for your mobile devices (that are linked to your office phones) all the way down to cloud backup services and more.
Just make sure that you stay safe and don’t trust that just because a reputable connection seems like it’s an official connection, it truly is the safest WiFi connection as it could be an evil twin attack in disguise.