Earlier this year, Australian police arrested a passenger for running a malicious Wi-Fi network both at an airport and during a flight. The setup looked just like the airline’s own Wi-Fi service, but it wasn’t. Instead, it was what cybersecurity researchers call an “evil twin,” a fake hotspot designed to trick people into handing over their credentials.
The idea isn’t new, but the setting is. For years, fake Wi-Fi networks have been a common trick in cafes, hotels, and airports. What makes this case stand out is that the attacker took it to the skies, exploiting the growing reliance on in-flight Wi-Fi for entertainment and internet access.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CyberGuy.com newsletter.
An evil twin hotspot is a wireless network that impersonates a legitimate one by copying its name, also known as the SSID. When multiple networks with the same name exist, your phone or laptop often connects to the one with the stronger signal, which is usually the attacker’s.
Travelers check their phones while navigating delays and flight cancellations at the Austin-Bergstrom International Airport on July 19, 2024, in Austin, Texas. (Brandon Bell/Getty Images)
Once connected, victims are often redirected to a fake login or landing page. In this case, the malicious portal requested passengers’ email addresses, passwords, or even social media credentials under the pretense of granting access to the airline’s entertainment system. The stolen information could then be used for account takeovers, identity theft, or further attacks.
Travel creates a perfect storm for these kinds of attacks. Whether you’re in a hotel, airport, cruise ship or airplane, you often have limited choices for getting online. Mobile data may be patchy or expensive, which pushes people toward the available Wi-Fi networks. Because these services feel official and are tied to trusted brands, travelers tend to assume they’re safe and let their guard down when login requests pop up.
Another trend adds to the risk. Travel providers are increasingly moving entertainment and services onto personal devices instead of offering built-in options. Airlines replace seatback screens with streaming portals, cruise lines promote app-based services and hotels direct guests to digital check-in platforms. All of these require a Wi-Fi connection, which means more people are logging on than ever before.
QANTAS DATA BREACH EXPOSES MILLIONS OF CUSTOMER RECORDS
Here’s how it worked in the Australian case. The attacker carried a portable hotspot onboard and named it to match the airline’s official Wi-Fi network. Passengers, seeing the fake network with stronger signal strength, connected automatically. They were then taken to a counterfeit login page asking for personal details.
A traveler awaits their delayed luggage after United Airlines grounded flights due to a tech outage at Newark Liberty International Airport in Newark, New Jersey, Aug. 6, 2025. (REUTERS/Ryan Murphy)
On a flight, the consequences are amplified. Passengers either give in and share data or lose access to entertainment for hours. The success rate of this attack is, quite literally, sky-high.
YOUR DISCARDED LUGGAGE TAGS ARE WORTH MONEY TO SCAMMERS
One of the best defenses against rogue Wi-Fi is a Virtual Private Network, or VPN. A VPN creates an encrypted tunnel between your device and the internet, making it far harder for attackers to intercept your data even if you connect to the wrong hotspot.
There is a catch, though. In-flight Wi-Fi systems often require you to disable your VPN temporarily to access the onboard portal. Even then, a VPN remains an important safeguard. Once you have cleared the login page and, if you have paid, connected to the internet, enabling your VPN ensures that any browsing, messaging, or app traffic stays private.
For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices at CyberGuy.com.
A VPN is important, but it isn’t the only defense you should rely on. Here are some other ways to stay safe when connecting midair:
Before you even think about connecting to in-flight Wi-Fi, make sure your device has a strong antivirus installed. It’s your first line of defense against malicious sites and apps that attackers may try to push through fake portals. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com.
James Garofalo of Colorado Springs is checking cellphone after his flight cancelation at Denver International Airport in Denver, Colorado, on Thursday, Dec. 22, 2022. (Hyoung Chang/The Denver Post)
Even if an attacker manages to steal your login credentials, 2FA can stop them from getting into your accounts. Use app-based authenticators rather than SMS codes whenever possible, since they work offline and are harder to intercept.
Most phones and laptops are set to reconnect automatically to familiar networks. This makes it easier for a fake hotspot with the same name to trick your device. Before you board, switch off auto-connect and manually choose the correct airline Wi-Fi.
When browsing in-flight, check for the padlock icon in your browser’s address bar. HTTPS encrypts the connection between your device and the website, making it harder for attackers on public Wi-Fi to intercept your data.
Even with precautions, in-flight Wi-Fi should be treated as untrusted. Avoid logging in to sensitive accounts like online banking or work systems. Stick to light browsing, streaming or messaging until you’re back on a secure connection.
Outdated operating systems and apps often have security holes attackers exploit. Before your trip, install the latest updates on your phone, tablet or laptop. Many updates include security patches that protect you against known vulnerabilities.
When possible, switch your device to airplane mode and then enable only Wi-Fi. This reduces exposure from other radios (like Bluetooth or cellular roaming) that attackers sometimes target on flights.
Some fake in-flight portals use pop-ups or redirects designed to trick you into entering login details or clicking on malicious links. If a page asks for unnecessary information, like your full Social Security number, banking details or unrelated logins, treat it as a red flag. Close the page immediately and don’t click.
When the flight is over, sign out of the airline’s Wi-Fi portal and any accounts you accessed. This prevents session hijacking if the system keeps tokens cached.
CLICK HERE TO GET THE FOX NEWS APP
The rise of evil twin attacks in the air is a reminder that convenience often comes with hidden risks. As airlines push more passengers toward in-flight Wi-Fi, attackers are finding ways to exploit that dependency. Next time you fly, think twice before blindly connecting to the first Wi-Fi network that pops up. Sometimes, the safest choice is to stay offline until you land.
Would you rather go a few hours offline than risk using an untrusted hotspot midair? Let us know by writing to us at CyberGuy.com.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CyberGuy.com newsletter.
Copyright 2025 CyberGuy.com. All rights reserved.
If you rely on an older Android device, whether it's a phone, tablet or car…
New research may shock a lot of Apple fans: iPhone users are actually more likely…
Shopping has gone digital, and with it comes a whole new language. From the way…
AI browsers are no longer just an idea; they're already here. Microsoft has built Copilot…
IN TODAY’S NEWSLETTER: - Zuckerberg’s AI glasses suffer live demo hiccup at major tech event-…
Buying refurbished electronics sounds like a no-brainer. You get the latest gadgets at a fraction…