Someone created a bait Wifi with the same name

Thales

Level 15
Thread author
Verified
Top Poster
Well-known
Nov 26, 2017
708
Hi guys

Strange thing happened. I have 2 separated WIFI network. Guess network and my personal network with a loooong pasword.
Yesterday my girlfriend's phone couldn't connect to our WIFI because some kind of authentication problem. I was too tired to solve her problem and our network provider grant an alternate WIFI network, so she could connect to the Internet.

Today my smart tv also dropped from the WIFI. I wanted to reconnect but I saw a a foreign OPEN WIFI network with the same name.
I'm sure someone want to steal something, Facebook password or I do not know. Even if I'm careful my guests and my girlfriend are not. They are not tech savvy.
Of course I can rename the network but how to prevent this kind of attack in the future?

Thank you

Untitled.png
 

jogs

Level 22
Verified
Top Poster
Well-known
Nov 19, 2012
1,112
I feel lucky that I don't have people around me who are so much tech-savvy that they can create this kind of problem for me.
It also makes me wonder how much careful we need to be on a daily basis, its sure difficult for most people.
 

SeriousHoax

Level 47
Well-known
Mar 16, 2019
3,630
I hide my network and change both the name and password for my network on a regular basis. I also type in the Mac address for every connected device in my household and only allow those to connect.
This is probably the best solution. Personally I do the same. Save Mac address of the devices in the Access Control List so no one else can connect to my network even if they know the wifi password.
 

ZeroDay

Level 30
Verified
Top Poster
Well-known
Aug 17, 2013
1,905
Meanwhile the teenage kid next door to me is still trying to breach my network. I told him he could, he wants to test, improve and refine his pen testing skills. He didn't want to know what kind of security setup I have on my home network. I'll give him another couple of days of pulling his hair out and then I'll break the news to him regarding my network setup. Even the simple trick above.

I was mowing the lawn last week and he asked if I'd mind if he practised his hacking/pen testing skills to try and breach my network just for experience. He's a bright kid. In a couple of days I'm going to set a guest network up for him and still keep security tight but I'll leave just enough room for him to breach my network but it's still going to be difficult. He did say he wanted experience lol. He's friends with my son and his parents aren't tech savvy at all so it makes his day when he can chat to me about all the stuff he's learning and wants to do. He's definitely going to have a bright future in IT. He asked another neighbour the same question he asked me, but not only did he breach the other neighbours network he also left a text file on one of that neighbours old laptops desktop saying Winning... lol. I never check other peoples networks unless I'm asked to. So, as you can imagine the other neighbour asked me to secure his network. To be honest its beyond me how the neighbour with the weak network and indeed weak and vulnerable systems haven't been seriously breached as in had their bank details stolen, all their personal info and data stolen etc. His router was an old one provided by his ISP. I asked why he hadn't at the very least asked his ISP for a new router and he just shrugged. Anyway I've cleaned all his systems, made sure they're secure but not invasive security, dine the same thing I mentioned in my previous comment on his router too, that was after going with him to buy a new router, nothing special but it's new, updated and secure enough for him and his family.

The trick the OP mentioned is a very sneaky little trick isn't it. I've seen that before. Its basically phishing isn't it but at the network level.

OP - Have you also changed the default password on your router for the admin console? The last thing you want is the person who carried out this attack to gain access to your admin router console. I'd definitely hide your network, only allow devices that you've manually typed in the mac addresses into your router for to connect, change your default router password too. And, I know its PITA but change your network name even though its hidden and your WIFI password randomly. So you could change those details after 3-6 months or you could change them next month. Just make sure theres no pattern to you changing those details.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Hiding your Wireless SSID is not a good idea, and actually makes you more vulnerable / a target. You can look online for an explanation. It's better to keep the generic router-issued SSID name as it blends into your neighbourhood's existing network.

I would also check your Router settings to see if you're broadcasting an open network, as some routers do allow this option.
 
Last edited:
L

Local Host

Hiding your Wireless SSID is not a good idea, and actually makes you more vulnerable / a target. You can look online for an explanation. It's better to keep the generic router-issued SSID name as it blends into your neighbourhood's existing network.

I would also check your Router settings to see if you're broadcasting an open network, as some routers do allow this option.
I disagree, your network would need to be spoofed for someone to find your SSID without consent, is overall more secure at the expense of convenience.

Adding to that MAC checks and WP2 AES with a strong password, you'll have one of the most secure Home Networks in the neighborhood (especially considering the majorly of people, don't even touch their router settings).

I even get bored that no one even tries to enter my network, leave alone be successful.
 

ZeroDay

Level 30
Verified
Top Poster
Well-known
Aug 17, 2013
1,905
I disagree, your network would need to be spoofed for someone to find your SSID without consent, is overall more secure at the expense of convenience.

Adding to that MAC checks and WP2 AES with a strong password, you'll have one of the most secure Home Networks in the neighborhood (especially considering the majorly of people, don't even touch their router settings).

I even get bored that no one even tries to enter my network, leave alone be successful.
I also disagree with @Spawn on this matter. And you're spot on. It's ok reading articles online saying making these changes makes you less secure but in practice it definitely strengthens your home network, especially as you pointed out that most people don't touch their routers. The only way you'd be vulnerable is if someone is searching for local networks to breach and if that happens it's a targeted attack anyway. Plus listing only allowed MAC addresses is another security step. A friend of mine runs a small company he's pretty tech savvy and he's always hidden his network and listed only trusted MAC addresses. If anyone wants to use his network they either have to ask him directly or hack him. If someone is looking to hack our networks the network being hidden won't help much, but adding only trusted MAC addresses and changing your router's default password will.

I'd much rather hide my network, add the MAC addresses for devices in my household, change my default router password to a much stronger one, then change said password on a semi regular basis as well as doing the same with my WIFI password, nice strong password changed on a semi regular basis. It's much better than leaving everything default. Making those simple changes definitely helps. Blending in with other local networks won't do much at all it just adds you to the list of networks the attacker is going to try and breach without said hacker having to also include hidden networks in his scan.

If I was going to try and breach someones home network I'd rather be able to 1. See the network even though it's easy enough to scan for hidden networks (But, out of sight out of mind comes up here) 2. Not have all the household devices listed as the only devices that can connect to that network. 3. I'd prefer it if the network I was attempting to breach had a default router password and a weak WIFI password. It would make life a lot easier for me. Most of the people I know and work with or have worked with in the past all make those simple changes to their network among other things.

You're comment was absolutely spot on. (y)
 

ZeroDay

Level 30
Verified
Top Poster
Well-known
Aug 17, 2013
1,905
Hiding your SSID only makes you more of a target if a hacker is looking for a network to target already. And that's mainly because the hacker is going to see the hidden network and be curious why said network is hidden i.e valuable data and see it that the householder may be tech savvy which may present a challenge and in return possibly make the hacker think that he/she has actually got a challenge on their hands.

For day to day usage hiding your SSID is good practice as id listing the MAC addresses of the devices in your household and only allowing those.
 

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,457
You should change the default SSID(s), for a couple reasons, one technical one not.

Using a default or common SSID, can make it easier for bad guys to crack the WPA2 encryption. The network name is part of the encryption algorithm, and password cracking dictionaries (rainbow tables) include common SSIDs. Thus, a popular SSID makes the hacker’s job easier. On a totally different level, you don't appear to be technically clueless. Anyone who has not changed the default network name is immediately pegged as a non-techie whose defenses are likely to be poor. There might as well be a "hack me" sign on the network. I have seen others argue that changing an SSID that has the vendor name in it is good for security, as it hides the company that made your router. It does not. The identity of the hardware vendor is advertised for the world to see in the MAC address that the router broadcasts. Even if you change a default SSID of "Linksys" to "Netgear", anyone with a Wi-Fi survey app such as WiFi Analyzer on Android can tell that the router was made by Linksys.
keep WiFi off when not in use.
Your router probably has an option to hide the SSID, usually a checkbox for whether or not to "broadcast" the name (it may also be called "network cloaking"). When enabled, it requires you type in the name of the network when connecting, rather than picking the network from a list of those detected nearby. Hiding the SSID has been called a security feature on the theory that bad guys can't hack into a network they can't see. But, the protection offered by not broadcasting the SSID is trivially easy to bypass. In my opinion, and the opinion of many experts, hiding the network name is not worth the operational hassle. Let the name be broadcast.

The best use of SSID hiding is as a litmus test. Any article that suggests doing so for security reasons is not worth reading. Much like MAC address filtering. For example, Consumer Reports magazine suggested hiding your SSID in a November 2016 article 66 Ways to Protect Your Privacy Right Now (item 48). April 15, 2018: A reader raised an interesting question - what about a Wi-Fi network that is devoted to IoT devices? Since no people will be connecting to the network, there is no reason to broadcast the SSID. On the one hand, perhaps not broadcasting the SSID in this case would make the network a bit more secure. On the other hand, it might attract the attention of bad guys in the neighborhood who might think it was worth attacking the network specifically because the owner went to the trouble of hiding it.
 

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,730
This is a good discussion. There is a lot of discussion of locking down devices on this forum, but a lot less about network security. My router is set up to only allow devices once they are approved. I know Glasswire has a feature that will watch for copycat networks. Would be a good feature in most routers.
 

ZeroDay

Level 30
Verified
Top Poster
Well-known
Aug 17, 2013
1,905
Hiding your SSID will almost certainly make any bad actors want to delve deeper and see why you've enabled that feature. A lot of bad actors may just sutomactily think that you're simply trying to make your WIFI a little bit harder yo find incase one of your neighbours try hiding your WIFI.

Its something I've done for years. And, along with manually typing in all the mac address's for the devices in my household into my router and locking the router down to only allow those devices. As stated above I also change both my router console password on a semi regular basis and my WIFI password. And, instead of creating a guest account I've got a mobile router that I only switch on if a visitor asks if they can login to my WIFI to check their emails etc so as to save their mobile data.

I also don't use my home network to share files between devices. I like to lock each device down as much as I can so each one is isolated to a degree from other devices on my network.

I also use a separate hardware firewall.

I agree with the post above - I think it would be a great idea if we started discussing home network security more. From simple things we can do to help protect our network, to software we can uses and hardware. Including building your own home hardware firewall.

The OP has provoked a good discussion indeed. And we all have different ways of doing things, so it doesn't matter if a user is s guru or just tech savvy enough to get by we can all learn from each other.

Discussions such as this also helps refresh peoples memory and awareness regarding home network security.

Improving home network security can range from completely free only requiring a bit of your time or people could spend a tiny amount of money and build their own home hardware firewall etc. Or people can spend a lot of money and make sure their home network is using the latest home network security hardware available.

I'm looking forward to further replies on this thread.

Microsoft could possibly make a lot of money building a next gen router similar to Gryphon or even the Bitdefender box. But, none of us would trust it for obvious reasons, telementery etc.
 

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,457
I'm very happy see a thread like this as it shows people do also care about their network security. Of course the more the merry but this is better than nothing.

Personal I wish ISPs could be a bit more active and responsible and in some countries/regions it works pretty well with good product offers, automatic updates etc.
 

ZeroDay

Level 30
Verified
Top Poster
Well-known
Aug 17, 2013
1,905
Personal I wish ISPs could be a bit more active and responsible and in some countries/regions it works pretty well with good product offers, automatic updates etc.

^^ Spot on. I also think ISP's should take more responsibility. Maybe providing better routers with an AV or AI built in and a few other extras. I think we're heading in that direction but ISP's need to be more proactive especially when dealing critical and emergency services etc. ISP's could offers routers that would block a lot of Malware/Ransomware from even entering the network. Although I can also see the challenges they's face by doing that and we'd have to be careful we didn't end up like China lol. ISP's definitely need to be more productive especially with IoT devices becoming more and more popular for average people in their homes now.
 

Thales

Level 15
Thread author
Verified
Top Poster
Well-known
Nov 26, 2017
708
Really thanks for all advices guys. :emoji_pray:
Yes, I changed the default password of the router a couple of months ago.
I did setup a main network with 50 char long password but I also have a separated guest network with a less complex password for the smart TV and for my girlfriend.
I changed my SSID to be similar to the other 15-20 WI-FI networks I can find.
I will setup the MAC address filtering but I'm not sure that I should hide my SSID
because right now it just looks like the others.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top