Evil Twins Of Your WiFi Connection

Yesterday’s Wall Street Journal’s Marketplace section had an insightful article about protecting ones self from fake WiFi networks called “evil twins”. These networks masquerade as the networks of the WiFi provider you really want to access – like Mobile, Verizon or etc. Their “evil twin” web page looks like the web site logon page of the real network but with two very harmful differences.
1. When you type in your logon information – someone is harvesting it and can use it or sell it to someone else
2. The web site is often programmed to install malicious code (spyware, etc) on your PC
Unfortunately there is little you can do to protect yourself as these “evil twins” hack into your ISP and edit the directory your ISP uses to match the domain name, such as Mobile.com with the IP address that relates to tmobile.com. So you type www.tmobile.com into your web browser and instead of serving you the web page that is associated with the IP address of tmobile you are instead served the web page assigned to the ip address of the “evil twin”. When you type www.cnn.com or any web address into your web browser, your ISP must first to a domain name look up using a domain name server (DNS) to find what IP address is associated with that domain name to connect you to the proper web server and resulting web page. If someone has hacked into the DNS server, your web browsing experience is going to be compromised.
Imagine dialing 212-555-1212, your lawyer, and a hacker has edited the phone company so that 5’s = 3’s. When you dial, 212-555-1212, your phone is actually going to connect with 212-333-1212. Someone answers, you think its your lawyer and you start spilling your guts about the car you just wrecked. Well it’s not your lawyer its your insurance company.
How to protect yourself. Check out the digital certificate of your WiFi providers web site and make sure that its legit. If there is NO digital certificate which means you are connecting to a secure page and that digital certificate does not match of to be that of the web site it should be – don’t connect or type anything into the web site.
Always make sure that your anti-virus, spyware and other online security software are up to date and current.