Evil twin (wireless networks)

An evil twin is a fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communications.

This type of attack may be used to steal the passwords of unsuspecting users, either by monitoring their connections or by phishing, which involves setting up a fraudulent web site and luring people there.

Unwitting web users may be invited to log into the attacker's server, prompting them to enter sensitive information such as usernames and passwords.

The evil twin can be configured to pass Internet traffic through to the legitimate access point while monitoring the victim's connection,[3] or it can simply say the system is temporarily unavailable after obtaining a username and password.

In July 2024 a man was charged by Australian Federal Police with running a fake WiFi network to steal credentials of passengers on at least one commercial flight.