How to Tell If Your Email or Social Login Was Captured on a Fake Wi-Fi

Have you ever connected to a public Wi-Fi network at a cafe, airport, or hotel? If you then logged into your email or social media, there's a chance your login details might have been secretly captured by a fake network designed to steal them. These are often called "evil twin" networks.

What is an 'Evil Twin' Wi-Fi Network?

An 'evil twin' is a fake Wi-Fi network that looks legitimate. Cyber attackers set these up to trick you into connecting, often by giving them names similar to the official network, like 'Free Airport Wi-Fi' or 'HotelGuest'. Once you connect, they can snoop on your internet traffic, including any usernames and passwords you type in.

Signs You Might Have Connected to a Fake Network

It can be tricky to spot an evil twin, as they are designed to look trustworthy. However, there are some clues that might suggest you've fallen victim. Being aware of these can help you identify a problem after the fact.

• Multiple networks with very similar names appearing in the same location.
• Being disconnected from a known Wi-Fi network and then automatically connecting to a slightly different-named one.
• Your device asking you to 'trust' a network or install a security certificate when you connect to public Wi-Fi (this is highly suspicious).
• Slower than usual internet speeds or frequent disconnections on a public network.

Immediately Change Your Passwords

If you logged into your email or any social media accounts while connected to a suspicious public Wi-Fi network, the very first thing you need to do is change those passwords. Assume the attacker has them. Do this as soon as you are on a secure, trusted network (like your home Wi-Fi or mobile data).

• Go to your email provider's website (e.g., Gmail, Outlook) and navigate to Account Settings > Security > Change Password.
• Visit each social media platform (e.g., Facebook, Instagram, Twitter) and find their password change options, usually under Settings > Security and Login.
• Choose a strong, unique password for each account – ideally using a password manager to help you.

Enable Two-Factor Authentication (2FA)

Two-factor authentication adds an extra layer of security to your accounts, making it much harder for attackers to get in, even if they have your password. If you haven't already, enable 2FA on your email and all social media accounts immediately.

• On most services, look in 'Security Settings' or 'Login & Security' for options like 'Two-Factor Authentication' or '2FA'.
• Choose a reliable 2FA method, such as an authenticator app (like Google Authenticator or Authy) or a physical security key, over SMS text messages, which can sometimes be intercepted.
• Make sure you have backup codes stored somewhere safe in case you lose access to your 2FA device.

Check for Suspicious Account Activity

After changing your passwords and enabling 2FA, take some time to review your accounts for any unusual activity. Attackers might use your stolen credentials to send spam, access your contacts, or make unauthorised purchases.

• Look at your email 'Sent' folder for messages you didn't send.
• Check your social media for posts, messages, or friend requests you don't recognise.
• Review login history or activity logs in your account settings – many services show recent logins, including location and device used.
• If you linked any financial services (like PayPal) to these accounts, check those for unauthorised transactions.

Key takeaway

Falling victim to an evil twin Wi-Fi network can be unsettling, but by acting quickly to change passwords, enable two-factor authentication, and monitor your accounts, you can significantly reduce the potential harm. Always be cautious when connecting to public Wi-Fi, and remember that your digital security is always worth protecting.