Skip to main content
The Web      Powered by
powered by Yahoo!

'Evil twin' threat to Wi-Fi users

Wireless devices link to the internet via "hotspots."
Follow the news that matters to you. Create your own alert to be notified on topics you're interested in.

Or, visit Popular Alerts for suggestions.

LONDON, England -- "Evil twins" are the latest menace to threaten the security of Internet users, experts in the UK are warning.

An "evil twin" is a bogus base station that latches on to someone using new "Wi-Fi" wireless technology.

Victims think their laptops or mobile phones are connected to bona fide wireless internet connections.

They may then transmit valuable bank details or other personal information, not suspecting that they are being intercepted by cybercriminals.

Professor Brian Collins, from the Royal Military College of Science, Cranfield University, a former chief scientist at GCHQ -- the Government's secret eavesdropping station -- said: "Users need to be wary of not using their Wi-Fi enabled laptops or other portable devices in order to conduct financial transactions or anything that is of a sensitive personal nature, for fear of having disclosed this information to an unauthorised third party."

Wireless devices link to the Internet via "hotspots" - nearby connection points that they lock on to. But these hotspots can act like an open door to thieves.

Anyone with suitable equipment can locate a hotspot and take its place, substituting their own "evil twin."

Dr. Phil Nobles, a wireless Internet and cybercrime expert at Cranfield University, said: "So-called 'evil twin' hotspots present a hidden danger for Web users.

"In essence, users think they've logged on to a wireless hotspot connection when in fact they've been tricked to connect to the attacker's unauthorised base station.

"The latter jams the connection to a legitimate base station by sending a stronger signal within close proximity to the wireless client -- thereby turning itself into an 'evil twin.'

"Cybercriminals don't have to be that clever to carry out such an attack. Because wireless networks are based on radio signals they can be easily detected by unauthorised users tuning into the same frequency."

Unwitting web users are invited to log into the attacker's server with bogus login prompts, tempting them to give away sensitive information such as user names and passwords.

Often users are unaware the have been duped until well after the incident has occurred.

Dr. Nobles spelled out the warning at a wireless crime event held at the Dana Centre, the Science Museum's forum for discussing controversial science, in London.

Lisa Jamieson, Head of Programmes at the Dana Centre, said: "Half of all business wireless networks in this country have inadequate security controls in place, making their information vulnerable to attack."

Story Tools
Subscribe to Time for $1.99 cover
Top Stories
Burgers, lattes and CD burners
Top Stories
CNN/Money: Security alert issued for 40 million credit cards


International Edition
CNN TV CNN International Headline News Transcripts Advertise With Us About Us
   The Web     
Powered by
© 2005 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines. Contact us.
external link
All external sites will open in a new browser. does not endorse external sites.
 Premium content icon Denotes premium content.
Add RSS headlines.