Why it matters: An Australian man has been charged with stealing unsuspecting users' data by setting up fake Wi-Fi networks using portable wireless access points in several public places, including airports. He was caught when an airline noticed the suspicious network and summoned authorities. The incident underscores how important it is to remain vigilant about Internet security no matter how impatient you are to log online.
Western Australian national Michael Clapsis from Perth appeared in the Magistrates Court last week. He faces nine charges of cybercrime violations for allegedly setting up fake public Wi-Fi networks at multiple locations across the country to swipe unsuspecting users' data. He had been arrested earlier this spring. After his court appearance, he was released on strict bail conditions.
Clapsis had set up several portable wireless access points to create so-called 'evil twin' free Wi-Fi networks, which raised alarms for a domestic airline that spotted the suspicious network during a flight. The Australian Federal Police searched Clapsis' luggage and seized a number of electronic devices. They also searched his Palmyra home.
When people tried to connect their devices to the free networks, they were taken to a fake website that required them to log in using their email or social media accounts, according to the AFP. Western Command Cybercrime Detective Inspector Andrea Coleman warned the public that when connecting to free public Wi-Fi you shouldn't have to enter any personal details, such as logging in through an email or social media account.
Clapsis allegedly saved the details and may have used them to access more of the users' personal information, including stored images and bank details.
The fake Wi-Fi access points were deployed at airports in Perth, Melbourne, and Adelaide, on domestic flights, and at locations linked to Clapsis' previous employment.
The incident highlights the dangers of using public Wi-Fi networks. Typically, evil twin attacks work by the hacker setting up a fake Wi-Fi access point that mimics a legitimate network, using the same Service Set Identifier (SSID) name. They may use devices like smartphones, laptops, or specialized tools like a Wi-Fi Pineapple to create this fake network. Once the user connects, the attacker presents a fake portal to capture login credentials or other sensitive information.
These attacks are particularly dangerous because they're difficult to detect and play on people's need for an immediate Internet connection no matter where they are. In addition, many devices are set to automatically connect to known networks.
To avoid these attacks, never use unsecured public Wi-Fi networks, or if you must, use a VPN to connect. Also, disable auto-connect features on your devices, and only browse HTTPS websites when connected to a public Wi-Fi network.