A rogue access point attack is to create a wireless Wi-Fi network without encryption so that anyone can connect to it, and man-in-the-middle attacks are carried out against them. The rogue hotspot does not target Wi-Fi passwords, unlike the Evil Twin attack and most other Wi-Fi attacks. The main target is the user’s traffic against which the intermediary attack is being carried out (Shah, n.d.). For this situation, all the techniques of the man-in-the-middle attack are applicable. In other words, a fraudulent open access point is created, which encrypts its name under the names of firms, organizations around, making it possible to capture the traffic of everyone who connects to it. If one creates several hotspots at the airport named airportN_freeWiFi or, for example, Starbucks, users will trust the name and go to them. In traffic theft, one can get banking data, personal correspondence data, and much more, violating integrity, availability, and data confidentiality.
Indeed, the Evil Twin is similar to the rogue hotspot described by Sparkle. Data is at risk with this connection method. However, in some cases, when it is possible to clarify with the staff which of the available connections is exactly theirs, this must be done to deprive yourself of the possibility of accessing the Internet. In addition, it may be worthwhile for businesses to develop QR codes or other technologies that identify the network where the guest should connect. Intruders will be very limited in this situation, enabling the user to use an open access point safely.
With the help of special equipment, the Evil Twin makes the signal more accessible to the victim, which psychologically affects the choice of the victim. Refusing to use the Internet if it is impossible to specify a secure network will be appropriate if the traffic contains confidential information. It is worth noting that not every user will be able to control their traffic; an unexpectedly received call, message on social networks, or e-mail can also be intercepted by intruders and used for unscrupulous purposes.
Reference
Shah, A. (n.d.). Rogue access points. Khan Academy. Web.