How to Avoid Evil-Twin Wi-Fi Networks in Cafes, Hotels, and Airports

    Public Wi-Fi can be super handy when you're out and about, but it comes with a hidden danger called an "evil twin" network. These look like legitimate Wi-Fi options but are actually set up by sneaky people to spy on your online activity.

    Many public Wi-Fi networks aren't secure, even without an evil twin. Assume that anything you send or receive could potentially be seen by others.

    What is an 'Evil Twin'?

    Imagine you're at your favourite café, and you see a Wi-Fi network called "CaféConnect". An evil twin is a fake network set up by a hacker with a very similar name, perhaps "CafeConnect_FREE" or "CaféConnect_Guest". Once you connect to it, the hacker can see everything you do online, from your emails to your banking details.

    How to Spot a Sketchy Network

    The best way to protect yourself is to be a little suspicious. Always double-check the name of the Wi-Fi network with a staff member. Don't just assume the one that pops up first or seems most logical is the real deal.

    • Look for multiple networks with very similar names.
    • See if the network name has unusual characters, numbers, or misspellings.
    • Confirm the exact network name with an employee before connecting.
    • Be wary of networks offering 'free' or 'fast' internet in their name if the legitimate one doesn't.

    Use Your Phone's Hotspot Instead

    If you're unsure about a public Wi-Fi network, or if you need to do something sensitive like online banking, it's much safer to use your phone's mobile hotspot. This uses your phone's mobile data connection, which is generally more secure than public Wi-Fi.

    • Go to your phone's Settings.
    • Look for 'Personal Hotspot' or 'Mobile Hotspot'.
    • Turn it on and connect your laptop or other device to it.

    Turn Off Automatic Wi-Fi Connections

    Many devices are set to automatically connect to known Wi-Fi networks or even suggest new open networks. This can be convenient, but it also increases your risk of accidentally connecting to an evil twin. It's better to manually choose your network.

    • On iPhone/iPad: Go to Settings > Wi-Fi > Ask to Join Networks, and set it to 'Ask' or 'Off'.
    • On Android: Go to Settings > Network & internet > Internet > Network preferences, and turn off 'Connect to open networks' or 'Auto-connect'.
    • On Windows: Go to Settings > Network & internet > Wi-Fi > Manage known networks, and uncheck 'Connect automatically' for specific networks, or turn off 'Connect automatically when in range of known networks'.
    • On Mac: Go to System Settings > Network > Wi-Fi, then uncheck 'Connect automatically to hotspot'.

    Always Use a VPN on Public Wi-Fi

    A Virtual Private Network (VPN) encrypts your internet connection, making it much harder for anyone, including an evil twin operator, to snoop on your data. Think of it as a secure tunnel for your information.

    • Subscribe to a reputable VPN service (there are many free and paid options).
    • Install the VPN app on your phone, tablet, and laptop.
    • Always turn on your VPN *before* you start browsing when on public Wi-Fi.

    Key takeaway

    By being cautious, verifying network names, using your phone's hotspot, disabling auto-connect, and always using a VPN, you can significantly reduce your risk of falling victim to an evil twin Wi-Fi attack and keep your online activities private and secure.

    More from Network Security

    No image

    How to Use Email and Social Apps Safely on Public Wi-Fi

    Reduce the chance of repeat exposure on public networks.
    No image

    How to Recover Email and Social Accounts After an Evil-Twin Wi-Fi Login

    Reset access on each affected account from a clean device.
    No image

    How to Tell If Your Email or Social Login Was Captured on a Fake Wi-Fi

    You signed into email or social on a fake hotspot — those credentials should be considered stolen.