-640x358.jpg&w=1200&q=75)
Cybersecurity experts are warning travellers that fake “Evil Twin” WiFi networks can be used to steal crypto passwords and digital assets.
These attacks involve hackers cloning legitimate public WiFi networks to trick users into connecting unknowingly.
Once connected, attackers can intercept traffic or prompt users to reveal sensitive information.
Security specialists said Evil Twin networks are most common in airports, cafes, hotels, conferences and busy tourist locations.
Australian Federal Police charged a man last year for allegedly setting up fake airport WiFi networks to harvest personal data.
Steven Walbroehl said joining a fraudulent network alone does not automatically result in stolen crypto if no sensitive data is shared.
“Even if someone doesn’t see your private key, capturing your exchange credentials, email, or 2FA codes can let attackers drain centralised crypto accounts quickly,”
Steven Walbroehl said.
Experts said attackers often use fake login pages, software updates or prompts to trick victims into entering credentials.
23pds warned that victims are sometimes tricked into revealing seed phrases, despite ongoing awareness campaigns.
“Evil Twin attacks win by getting you to make a mistake, not by magically breaking encryption,”
23pds said.
Analysts stressed the main risk comes from phishing and social engineering rather than technical hacking.
Users were advised to avoid making crypto transfers or changing security settings while connected to public WiFi.
Security professionals said seed phrases should never be entered online, even if prompted.
Experts recommended manually typing exchange URLs and avoiding search ads when accessing crypto services.
Walbroehl said using personal mobile hotspots and disabling auto-connect features can reduce exposure.
If public WiFi is unavoidable, experts advised using a trusted VPN and confirming network names with venue staff.
A recent social media post highlighted how a user’s wallet was drained after mistakes made on hotel WiFi.
Kraken security chief Nick Percoco has also warned about weak security practices at crypto conferences.
Specialists suggested using separate wallets for travel to limit potential losses.
“If your phone gets stolen or you click a bad link, your downside is limited,”
23pds said.