How to Tell If You Connected to a Fake (Evil-Twin) Wi-Fi Hotspot

    Have you ever connected to public Wi-Fi, only to get a nagging feeling that something wasn't quite right? You might have encountered an "evil twin" hotspot. These fake networks are designed to look legitimate, but they're run by scammers hoping to snoop on your online activity. This guide will help you figure out if you've been caught in their trap and what to do next.

    If you suspect you've connected to an evil twin, disconnect immediately and avoid using that Wi-Fi network. Your online safety could be at risk.

    What is an 'Evil Twin' Hotspot?

    An evil twin Wi-Fi hotspot is a deceptive network set up by a hacker. It deliberately mimics a legitimate public Wi-Fi network, like the one at your favourite cafe or airport lounge, often using a very similar name. The goal is to trick you into connecting to it instead of the real one.

    Once you connect, the scammer can potentially monitor your internet traffic, steal personal information like passwords, or even direct you to fake websites that look real. It's a clever trick that relies on us wanting quick and easy internet access.

    Signs You Might Be on a Fake Network

    While evil twin networks try to look convincing, there are often subtle clues that something is amiss. Paying attention to these signs can help you identify a fake before it's too late, or at least confirm your suspicions after you've connected.

    • The Wi-Fi network name looks a bit odd (e.g., 'Free_Public_Wifi' instead of 'Cafe_Name_Guest').
    • You're unexpectedly asked to log in multiple times or provide unusual personal information.
    • Your internet connection feels unusually slow, or pages take a long time to load.
    • You see security warnings in your web browser more often than usual.
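
    The name check from the first sign can be done mechanically. The sketch below is an added example, not part of the original guide: it compares the network names your device can see against the name the venue gave you and flags near-copies. The function names, the character-swap map, the 0.8 threshold and the sample list are all assumptions made for illustration.

```python
import difflib
import re

# Constructed map of characters often swapped to make a name pass at a glance.
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "@": "a", "$": "s"})


def normalize(ssid):
    """Lowercase, undo lookalike characters, drop spaces and separators."""
    return re.sub(r"[^a-z0-9]", "", ssid.lower().translate(LOOKALIKES))


def classify(ssid, trusted, threshold=0.8):
    """Compare one visible network name with the name the venue gave you."""
    if ssid == trusted:
        # An identical name is not proof of a genuine network: names can be copied exactly.
        return "match"
    a, b = normalize(ssid), normalize(trusted)
    if a == b or difflib.SequenceMatcher(None, a, b).ratio() >= threshold:
        return "lookalike"
    return "unrelated"


def review_scan(visible, trusted):
    """Return {name: verdict} for every name in a list of visible networks."""
    return {ssid: classify(ssid, trusted) for ssid in visible}


# Constructed sample: names as they might appear in a device's Wi-Fi list.
SAMPLE = ["Cafe_Name_Guest", "Cafe-Name-Guest", "Cafe_Name_Gue5t",
          "Cafe_Name_Guest_Free", "Free_Public_Wifi"]

if __name__ == "__main__":
    for name, verdict in review_scan(SAMPLE, "Cafe_Name_Guest").items():
        print(f"{verdict:10} {name}")
```

    A "lookalike" verdict is a reason to ask staff which network is theirs before joining; a "match" only means the name is the same, so the other signs in this list still apply.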

    Check Your Device's Wi-Fi Settings

    After connecting, your device might hold clues. Most phones and computers keep a record of the networks you've joined and can sometimes show you more details than just the name. This information can be incredibly helpful in determining if you've been on a legitimate or suspicious network.

    • On Android: Go to Settings > Network & internet > Internet. Tap the gear icon next to the network name and look for details like IP address or gateway.
    • On iPhone/iPad: Go to Settings > Wi-Fi. Tap the 'i' icon next to the connected network for details.
    • On Windows: Go to Settings > Network & internet > Wi-Fi. Click on the network name for properties.
    • On Mac: Go to System Settings > Wi-Fi. Click 'Details' next to the network name.

    Review Your Browser and App History

    Once you suspect you've been on an evil twin, it's crucial to check what information might have been exposed. Your web browser's history and any apps you used can provide a picture of what data travelled over that dodgy connection. This doesn't mean all is lost, but it helps you assess the risk.

    Look for websites you visited and note if they were secure (starting with 'https://'). Also, think about any apps that required you to log in or handle sensitive information during the time you were connected.

    • Check your web browser history for the time you were connected to the suspicious network.
    • List any websites you logged into or entered personal details on.
    • Consider any apps (like banking or social media) that you used and might have sent sensitive data.

    Assess What Information Was Exposed

    Understanding what you might have revealed is the next critical step. Not every bit of information is equally sensitive. For example, simply browsing a news site is very different from logging into your online banking or sending an email with personal attachments.

    Make a mental note (or even a physical one) of the types of activities you performed. This will help you prioritise your response and decide how serious the exposure might be.

    • Did you log into any accounts (email, banking, social media, shopping)?
    • Did you enter credit card details for a purchase?
    • Did you send or receive any sensitive work documents or personal messages?
    • Did you download any files?

    Key takeaway

    Identifying an evil twin Wi-Fi hotspot can be tricky, but by knowing what to look for and checking your device settings and online activity, you can better understand if you've been compromised. The most important step is to assess what information might have been exposed so you can take appropriate action to protect yourself. Stay vigilant when using public Wi-Fi, and when in doubt, use your mobile data or a trusted VPN.
