about Starbucks taking over the world? Don’t. What you really need to worry
about is its evil twin.
dreaded “evil twin attack” is the latest in a long line of maladies that can
afflict your computer. Experts say it can occur at virtually any hot spot where
you use Wi-Fi to access the Web.
how it works: You pull up to your favorite truck stop – or Starbucks or any
other location offering high-speed wireless Web access – pull out the lap top
and hook up to the Internet.
you don’t know is that someone nearby – perhaps in the building next to your
favorite truck stop – has set up another hot spot, overlapping the truck
stop’s. That sneaky someone sets up their hot spot to look and act like the
W. Klaus of Internet Security Systems says the evil twin hot spot will
typically use a stronger signal than the legit base station, causing the poor
trucker to unknowingly hook into the wrong system.
you’re connected, the “evil twin” can watch and record everything you do – including typing in passwords, credit card or Social Security numbers.
the fraudulent hot spot mirrors the real one, computer geeks have named this
particular type of attack “evil twin.”
‘evil twin attack’ is an example of the increasing sophistication of wireless
attacks,” Richard Rushing of AirDefense, an Alpharetta, GA-based computer
security firm, said in a news release. “People are lulled into a false sense of
security with personal firewalls.”
worry – the chances that you’ll be the victim of an “evil twin” are not very
big, says Robert Vamosi, a writer with technology Web site CNet.
that, you should take steps to protect your computer. A personal firewall is a
good start, but you should do more.
recommends using Wired Equivalent Privacy encryption or the new Wi-Fi
Protected Access standard. You can buy Trend Micro PC-cillin Internet Security
2005 to monitor your wireless connections. And Rushing’s company, AirDefense,
says its product is designed to protect users from “evil twin attacks” and
also advises users to enter personal information into only those Web sites
protected by SSL – the Secure Socket Layer standard.
H. Reddig, associate editor