Today, we have internet connectivity almost everywhere we go. That’s one of the greatest conveniences of our digital world, but it also forces us to be vigilant. All the wireless internet traffic floating around is a feast for cybercriminals, who have a box full of tools they can use to intercept and steal your information.

You’ve probably heard the warnings about connecting to public Wi-Fi, and no doubt you take them seriously. But this sneaky new tactic can fool even the most tech-savvy internet veterans. Thankfully, you can avoid this digital danger fairly easily with some basic awareness and caution.

We talked to cybersecurity experts Dave Lewis, global advisory chief information security officer at 1Password, and Tony Anscombe, chief security evangelist for ESET, to learn more. Here’s everything you need to know about protecting yourself from this devious ploy, plus some essential tips and tricks for staying safe when using public Wi-Fi.


What’s the new threat with public Wi-Fi?


One of the sneakiest tactics cybercriminals use is known as an “evil twin” network. Don’t let the dramatic, soap opera–esque name fool you: Evil twin networks are a serious threat that every internet user needs to be aware of while on the go.

But what exactly is an evil twin network? The name sounds dramatic, but it’s actually quite simple. “An ‘evil twin’ Wi-Fi network is a fake hotspot that copies the name of the real one at a cafe, hotel or airport,” explains Lewis. “Your phone or laptop may see something like ‘FreeAirportWiFi’ and connect without thinking, except it’s actually the criminal’s router.”

This is a type of “man-in-the-middle” attack. Although evil twin networks are relatively new (accompanying the rise of public Wi-Fi being available everywhere), man-in-the-middle attacks have been a digital threat for decades. The idea is simple: Criminals insert themselves between an unsuspecting victim and whatever the victim is trying to connect to in order to secretly intercept data for phishing purposes. In the case of evil twin networks, the “middleman” is the criminal’s fake Wi-Fi network.

“When you are in a public space and search for a Wi-Fi network to connect to, there is often little due diligence conducted on what is legitimate and what may be malicious,” says Anscombe, “so a misspelled or ingeniously named network can be attractive.”

For example, a legitimate public Wi-Fi network may be named something like “Starbucks-WiFi,” whereas the evil twin network may have a nearly identical SSID, or network name, such as “StarbucksWiFi.” To make matters worse, the criminal may even try to knock the official network offline temporarily with a deauthentication attack, encouraging unsuspecting users to connect to the decoy instead. It’s easy to see, then, how sneaky this tactic is—and how easily you can fall victim to it.

What can happen if you connect to one of these evil twin networks?

An evil twin Wi-Fi network can effectively capture any unencrypted traffic sent over the network, but that’s not all a cybercriminal can do with it. “Once you’re on it, they can watch what you do on sites that aren’t adequately secured, nudge you over to a fake login page and learn which websites you visit,” Lewis says. “If a browser pops up a security warning and you click ‘continue anyway,’ that’s basically like handing the criminals your house keys.”

That means that whoever is operating the fake Wi-Fi node can see anything not encrypted using HTTPS, a common internet encryption protocol. The good news, Anscombe notes, is that “the majority of transactional websites that require login or disclosure of personal information will use HTTPS and will not be visible in plain text to the bad actor.” That means that if the traffic itself is encrypted, the criminal can’t do much with it.

The bad news is that there are other ways the criminals can trick you into handing over your credentials. The most common is to set up fake login pages, which hackers can use to steal your identity. “If the attacker is sophisticated, they may allow all traffic to flow freely to gain trust,” Anscombe warns, “but at the moment the victim attempts to log in to a financial organization such as a bank, they may redirect the request to a fake bank site login page in order to capture the user’s credentials.”

It’s possible that the attacker could also try to secretly install malware onto your device through the fake Wi-Fi network. This could include spyware, a virus or a keylogger, among other malware. While less of a threat than your credentials being stolen (as it typically requires you to download something yourself), it’s still a danger to be wary of when using public Wi-Fi.

How big of a problem is this?

It’s difficult to track hard statistics regarding the prevalence of evil twin Wi-Fi networks, as many (if not most) victims don’t even realize their data is compromised until well after the fact. Imagine you receive an alert regarding a suspicious transaction and realize a criminal has your credit card info. It could have been stolen days or even weeks ago; can you easily pinpoint the exact time and location where it happened?

That said, the risk is definitely real. One recent real-world example occurred in Australia, where a man was charged with nine counts of cybercrime relating to the use of evil twin Wi-Fi networks. It doesn’t require expensive equipment or complex technical know-how for an attacker to pull off an evil twin network hack. And, as you can imagine, there are plenty of potential victims in high-traffic areas.

A recent Statista survey shows that cafes, restaurants and hotels are the most common areas where criminals set up evil twin Wi-Fi networks. Other high-risk areas include libraries, airports, retail stores, public-transportation hubs and even schools—in other words, virtually anywhere you’re likely to find public Wi-Fi networks.

What should you do if you encounter an evil twin network?

If you’re connecting to a public Wi-Fi network and spot a duplicate network with a similar (likely almost identical) name, you may have found an evil twin network. But what should you actually do in this instance?

First things first: Don’t connect to either Wi-Fi network! If you’ve somehow automatically connected to a network, disconnect immediately. Then, double-check the SSIDs and make sure you can identify the authentic one; it may be a good idea to ask staff which network is the correct one. Also be sure to let the establishment know about the duplicate network, just in case it is indeed an “evil twin.”

The old maxim “an ounce of prevention is worth a pound of cure” applies as much to online security as it does to anything. Taking simple precautions to avoid connecting to an evil twin network can spare you the headache of having your information stolen when using public Wi-Fi.

How can you tell which one is legit and which is the scam?


The surest way to know you’re connecting to a legitimate Wi-Fi network is to double-check the name. Make sure the SSID of the network exactly matches the SSID provided by the establishment. Cybercriminals exploit carelessness, and evil twin networks will feature small changes, such as innocuous misspellings or punctuation differences, in order to trick victims into connecting. Also, be wary of networks with SSIDs that are a little too generic, such as “FreeWiFi” or “Public-wifi.”

Additionally, look at the network’s signal strength. Don’t assume that the network with the strongest wireless signal is the legitimate one. The criminal may be offering a stronger signal to lure in unsuspecting victims. This is made easier by the fact that your device may put stronger connections at the top of the list of networks when you’re trying to connect. The hacker’s router may also simply be closer to customers than the business’ router, which could result in a stronger signal.

If connecting to a public Wi-Fi network requires a portal login, as is usually the case in places such as hotels and airports, take a good look at the login page before you enter any credentials. Ensure the page and its address appear legit and don’t feature any strange tells, such as typos, out-of-place design elements or an odd-looking URL. If a login portal seems “off,” it may be an evil twin network created for phishing purposes.

Finally, beware of auto-connecting to any public Wi-Fi networks. Most devices will attempt to auto-connect to networks they recognize, and they do this by silently broadcasting saved SSIDs of previously used networks in order to “sync up” with them. Sophisticated hackers can exploit this feature to trick your devices into automatically connecting to their evil twin network without raising suspicion. Always double-check the SSID of any public network you’ve automatically connected to. Depending on your circumstances, it may be a good idea to turn off auto-connect altogether, such as while traveling.
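The name checks in this section can also be automated. The following Python sketch is an added example, not something from the experts quoted here: it compares a list of nearby networks against the exact name staff gave you and flags punctuation lookalikes, misspellings, generic names and an open copy of a name that is also offered with a password. The scan list, its field names, the 0.85 similarity threshold and the open-copy heuristic are all assumptions made for illustration; note that the strongest signal in the sample belongs to a lookalike.

```python
import re
from difflib import SequenceMatcher

GENERIC = {"freewifi", "publicwifi"}  # names the article calls too generic
# Constructed scan results for illustration (not real networks).
SCAN = [
    {"ssid": "Starbucks-WiFi", "bssid": "02:00:00:00:00:01", "dbm": -67, "sec": "wpa2"},
    {"ssid": "StarbucksWiFi",  "bssid": "02:00:00:00:00:02", "dbm": -41, "sec": "open"},
    {"ssid": "Starbuks-WiFi",  "bssid": "02:00:00:00:00:03", "dbm": -55, "sec": "open"},
    {"ssid": "Starbucks-WiFi", "bssid": "02:00:00:00:00:04", "dbm": -50, "sec": "open"},
    {"ssid": "FreeWiFi",       "bssid": "02:00:00:00:00:05", "dbm": -60, "sec": "open"},
    {"ssid": "HomeNet-5G",     "bssid": "02:00:00:00:00:06", "dbm": -80, "sec": "wpa2"},
]

def normalize(ssid):
    """Lowercase and strip punctuation so 'Starbucks-WiFi' and 'StarbucksWiFi' collide."""
    return re.sub(r"[^a-z0-9]", "", ssid.lower())

def classify(ssid, expected, threshold=0.85):
    """Compare one scanned SSID with the exact name staff gave you."""
    if ssid == expected:
        return "exact"
    a, b = normalize(ssid), normalize(expected)
    if a == b:
        return "lookalike-punctuation"
    if SequenceMatcher(None, a, b).ratio() >= threshold:
        return "lookalike-misspelling"
    return "generic" if a in GENERIC else "unrelated"

def review_scan(scan, expected):
    """Return (ssid, bssid, verdict) for each network that deserves a second look."""
    same_name = [n for n in scan if n["ssid"] == expected]
    mixed_security = len({n["sec"] for n in same_name}) > 1
    findings = []
    for n in scan:
        verdict = classify(n["ssid"], expected)
        if verdict == "exact":
            # Heuristic: an open copy of a name also offered with a password is suspect.
            if not (mixed_security and n["sec"] == "open"):
                continue
            verdict = "exact-name-but-open"
        if verdict != "unrelated":
            findings.append((n["ssid"], n["bssid"], verdict))
    return findings

if __name__ == "__main__":
    for finding in review_scan(SCAN, "Starbucks-WiFi"):
        print(finding)
    print(max(SCAN, key=lambda n: n["dbm"])["ssid"])
```

A flagged entry is a prompt to ask staff which network is theirs, not proof of an attack.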

How else can you stay safe on public Wi-Fi?

No matter where you are or what you’re doing online, it’s always important to practice good security hygiene when using a public Wi-Fi network. Here are the easiest ways to stay safe on public Wi-Fi:

  • Ensure you’re connecting to the right network. First, double-check the SSID of the public Wi-Fi network you’re connecting to, and don’t always blindly trust posted signage. “Ask staff for the exact network name and password,” Lewis recommends. “It’s not to be understated that little spelling differences matter.”

  • Consider using a VPN. “If there is a need to connect to the internet in a public space to transact or log in to a service, then it’s good practice to use a VPN,” advises Anscombe. “This ensures that all data from your device is encrypted on its journey over the public part of the connection, whether legitimate or an evil twin.”

  • Disable auto-connect when using public Wi-Fi. This will prevent your device from automatically connecting to an evil twin network with a spoofed SSID.

  • Use your cellular network instead of public Wi-Fi. “If any financial transaction or the need to log in to a financial service is needed,” says Anscombe, “I recommend using a smartphone connected to the cellular data network only, as the traffic is automatically encrypted between the device and the cell tower.” If you’re using something like a laptop, you can also use your cellular device as a Wi-Fi hotspot instead of public Wi-Fi.

  • Always use HTTPS. Most legitimate sites will use HTTPS encryption by default. However, your web browser can also force sites to use HTTPS and warn you when connecting to a site where HTTPS is not available. Make sure to activate this setting in your chosen web browser on all of your devices.

  • Avoid “open” networks that don’t require a password. Password-protected networks are usually a safer option than open networks, especially when it comes to public Wi-Fi. If an establishment’s public network doesn’t require a password, use extra caution (and consider avoiding it altogether).

  • Avoid using sensitive accounts on public Wi-Fi. Even if using HTTPS on a legitimate network, it’s good practice not to log into any important accounts when using public Wi-Fi. Use a VPN, cellular data or your hotspot, or just wait until you get home. This includes things that require payment information, such as online shopping!

  • Be suspicious of any login portals or pop-ups. Evil twin networks rely on user carelessness, especially when it comes to entering login credentials. “If a pop-up page asks for your email, password or credit card, pause and double-check with staff,” recommends Lewis. “And never click past certificate/security warnings.”

  • Keep your software up to date. We know those software-update warnings can be annoying, but don’t put them off. There’s a never-ending arms race going on between software developers and cybercriminals, and those updates often contain crucial patches for the latest security vulnerabilities that hackers are exploiting. Keeping your devices up to date with the latest software is an easy way to minimize digital threats.

Evil twin networks might sound like something out of a sci-fi movie, but they’re a very real (and growing) threat. With public Wi-Fi available everywhere, the digital landscape is ripe for criminals to lure unsuspecting users into their webs. But by exercising due diligence and not letting your guard down, you can browse safely when you’re on the go.

About the experts

  • Dave Lewis is the global advisory CISO at 1Password. With more than 30 years of experience in the IT security industry, he has worked at top tech companies including IBM, Cisco and AMD, and is the founder of Liquidmatrix Security Digest. Lewis also serves on the board of directors for BSides Las Vegas and the advisory board for the Black Hat Sector Security Conference.
  • Tony Anscombe is the chief security evangelist for ESET. He has more than 25 years of cybersecurity experience and is an established author and public speaker on security technologies, data protection, digital privacy and internet safety. He has also served on the boards of the National Cybersecurity Alliance, Mobile Ecosystem Forum and Family Online Safety Institute, and previously held an executive position at the Anti-Malware Testing Standards Organization.

Why trust us

Reader’s Digest has published hundreds of articles on personal technology, arming readers with the knowledge to protect themselves against cybersecurity threats and internet scams as well as revealing the best tips, tricks and shortcuts for computers, cellphones, apps, texting, social media and more. For this piece, Lucas Coll tapped his experience as a longtime tech reporter to ensure that all information is accurate and offers the best possible advice to readers. We rely on credentialed experts with personal experience and know-how as well as primary sources including tech companies, professional organizations and academic institutions. We verify all facts and data and revisit them over time to ensure they remain accurate and up to date.

Sources:

  • Tony Anscombe, chief security evangelist for ESET; email interview, September 2025
  • Dave Lewis, global advisory CISO at 1Password; email interview, September 2025
  • Kaspersky: “Evil twin attacks and how to prevent them”
  • Norton: “What is an evil twin attack? How to spot and avoid them”
  • Statista: “Most common places personal information got compromised using public Wi-Fi according to adults in the United States as of October 2024”