Evil Twin

Definition of Evil Twin

An Evil Twin is a malicious Wi-Fi network created by a hacker or cybercriminal, designed to impersonate a legitimate Wi-Fi network. It’s often set up in public places with the intent to trick users into connecting to it, enabling the attacker to steal data or personal information. Consequently, users can become vulnerable to malware, phishing, and other online threats.


The phonetic pronunciation of the keyword “Evil Twin” is:/iːvəl twɪn/

Key Takeaways

  1. Evil Twin is a type of cyber attack where an attacker creates a malicious Wi-Fi network that mimics a legitimate one to trick users into connecting and sharing sensitive information.
  2. Attacks can be prevented by using a Virtual Private Network (VPN), enabling two-factor authentication, and only connecting to secure and known Wi-Fi networks.
  3. Evil Twin attacks are especially dangerous in public places like airports, hotels, and cafes, where users are more likely to connect to Wi-Fi networks without verifying their legitimacy.

Importance of Evil Twin

The term “Evil Twin” is important in technology because it refers to a malicious Wi-Fi network or access point that impersonates a legitimate one, with the intent of tricking users into connecting to it.

This cyber threat enables attackers to intercept sensitive information, such as login credentials, credit card details, or personal data, without the user’s knowledge.

By understanding the concept of Evil Twin, individuals and businesses can better protect their digital assets, adopt robust security measures, and raise awareness among users about potential vulnerabilities in wireless networks.

This ultimately contributes to a safer online environment and reduces the risk caused by cybercriminals exploiting these false networks for malicious purposes.


Evil Twin, in the realm of technology and cybersecurity, refers to a fraudulent Wi-Fi access point that appears to be legitimate but is actually established by a malicious actor seeking unauthorized access to sensitive data and personal information from unsuspecting users. The perpetrators of an Evil Twin often mimic the characteristics of a known and trusted network, such as a Wi-Fi network in a cafe or hotel, in an attempt to fool users into connecting to it.

Once a user is connected to the Evil Twin, the attacker can monitor their internet activity, steal login credentials, or inject malicious software onto their devices. The primary purpose of an Evil Twin attack is to exploit the inherent trust users place in familiar network names, making it easier for hackers to collect sensitive and valuable information.

Cybercriminals may use this information for financial gain, identity theft, or corporate espionage, depending on the target. By understanding the risks and threats posed by Evil Twin attacks, individuals and businesses can take the necessary precautions to protect their sensitive data, such as using a virtual private network (VPN), implementing robust network security measures, and educating users around the importance of verifying network authenticity before connecting.

Examples of Evil Twin

An Evil Twin is essentially a rogue Wi-Fi access point set up to mimic a legitimate one with the intent of intercepting users’ data or gaining unauthorized access to their devices. Here are three real-world examples of how Evil Twin attacks have been used:

Coffee Shop Attack: In a popular coffee shop offering free Wi-Fi access to its customers, an attacker sets up an Evil Twin named “Coffee Shop Wi-Fi” in order to trick patrons. Unsuspecting customers connect to the fake network, and the attacker then gains access to their sensitive information, including login credentials, credit card details, and other personal data.

Hotel Wi-Fi Attack: A hacker targets a hotel that provides Wi-Fi to guests. The attacker creates an Evil Twin by setting up a rogue access point with a name similar to the hotel’s legitimate Wi-Fi network, like “Hotel Guest Network” or “Hotel Wi-Fi.” When guests connect to the fake network, the attacker can intercept their data, install malware on their devices, or redirect them to phishing sites.

Airport Wi-Fi Attack: At a busy airport, a cybercriminal sets up an Evil Twin access point named “Free Airport Wi-Fi.” Travelers looking for internet access connect to the rogue network, inadvertently granting the attacker access to their devices and personal information. The attacker could also use a man-in-the-middle attack to intercept sensitive data or potentially carry out further cybercrimes.

Evil Twin FAQ

What is an Evil Twin?

An Evil Twin is a malicious access point set up by a cybercriminal, designed to mimic a legitimate Wi-Fi network. Its purpose is to trick users into connecting to it, intercepting their data and potentially gaining unauthorized access to their devices.

How can I identify an Evil Twin?

To identify an Evil Twin, check the list of available Wi-Fi networks and look for duplicate names or suspiciously similar names to the network you want to connect to. Also, look out for poor signal strength or slow connection, which could be an indication of an Evil Twin.

How can I protect myself from an Evil Twin attack?

To protect yourself from an Evil Twin attack, always use encrypted connections, avoid connecting to open Wi-Fi networks, and use a trusted VPN service. Additionally, make sure to keep your device’s operating system and antivirus software up-to-date.

What should I do if I’ve connected to an Evil Twin network?

If you’ve accidentally connected to an Evil Twin network, disconnect immediately. Then, perform a full system scan for malware or viruses, change your passwords, and monitor your accounts for any suspicious activity.

How can I prevent my Wi-Fi network from being targeted by an Evil Twin attack?

To prevent your Wi-Fi network from being targeted, implement strong security measures such as using WPA2 or WPA3 encryption, setting up a secure firewall, and regularly updating your router’s firmware. Also, use a strong and unique SSID to make it harder for cybercriminals to impersonate your network.

Related Technology Terms

  • Wi-Fi Spoofing
  • Rogue Access Point
  • Wireless Phishing
  • Man-in-the-Middle Attack
  • Wireless Network Security

Sources for More Information


About The Authors

The DevX Technology Glossary is reviewed by technology experts and writers from our community. Terms and definitions continue to go under updates to stay relevant and up-to-date. These experts help us maintain the almost 10,000+ technology terms on DevX. Our reviewers have a strong technical background in software development, engineering, and startup businesses. They are experts with real-world experience working in the tech industry and academia.

See our full expert review panel.

These experts include:


About Our Editorial Process

At DevX, we’re dedicated to tech entrepreneurship. Our team closely follows industry shifts, new products, AI breakthroughs, technology trends, and funding announcements. Articles undergo thorough editing to ensure accuracy and clarity, reflecting DevX’s style and supporting entrepreneurs in the tech sphere.

See our full editorial policy.

More Technology Terms

Technology Glossary

Table of Contents