Don't miss an insight. Subscribe to Techopedia for free.


Evil Twin

What Does Evil Twin Mean?

An evil twin, in the context of network security, is a rogue or fake wireless access point (WAP) that appears as a genuine hotspot offered by a legitimate provider.


In an evil twin attack, an eavesdropper or hacker fraudulently creates this rogue hotspot to collect the personal data of unsuspecting users. Sensitive data can be stolen by spying on a connection or using a phishing technique.

Techopedia Explains Evil Twin

For example, a hacker using an evil twin exploit may be positioned near an authentic Wi-Fi access point and discover the service set identifier (SSID) and frequency. The hacker may then send a radio signal using the exact same frequency and SSID. To end users, the rogue evil twin appears as their legitimate hotspot with the same name.

In wireless transmissions, evil twins are not a new phenomenon. Historically, they were known as honeypots or base station clones. With the advancement of wireless technology and the use of wireless devices in public areas, it is very easy for novice users to set up evil twin exploits.

To avoid evil twin hotspots, public hotspots should only be used for simple browsing, and banking or shopping should be avoided. To safeguard business data while using a wireless connection, users should connect via a virtual private network (VPN) and make a practice of using Wi-Fi Protected Access (WPA) or Wired Equivalent Privacy (WEP) encryption.


Related Terms