Convention Attendees Fall Victim to Fake Wi-Fi

Security research company Avast Software set up fake Wi-Fi access points with network names like “Google Starbucks”, “Xfinitywifi”, “I Vote Trump! free internet”, and “Attwifi” at various locations around the Republican National Convention in Cleveland last week. While many attendees intentionally connected to these networks, many others did so unknowingly because their devices were set to automatically join known Wi-Fi networks. Those phones, tablets, and laptops silently connected to the fake AT&T and Starbucks Wi-Fi networks as soon as they detected a network with a familiar name. The technique of exploiting this device setting is referred to as an evil twin attack.

In total, over 1200 attendees connected to suspicious or evil twin Wi-Fi networks and 68% of them did something online that exposed their identity. Evil twin networks can be cheaply and easily deployed anywhere. Always be suspicious of public Wi-Fi networks and treat them as insecure, whether they’re password protected or not. Consider changing the settings on your devices so that they do not automatically join known Wi-Fi networks and if you must connect to a public Wi-Fi network, use a VPN to keep your data secure.

More information is available in Avast’s press release: https://press.avast.com/en-gb/amidst-charged-cyber-security-dialogue-republican-national-convention-attendees-show-negligent-behavior