Australian police have arrested and charged a man with nine cybercrime violations for allegedly setting up fake public Wi-Fi networks to steal users’ data.
The man created “evil twin” Wi-Fi networks at airports, during flights, and in other locations linked to his “previous employment.” These networks tricked users into logging in with their email addresses or social media accounts, allowing the man to capture their login data.
Dozens of credentials were reportedly obtained, potentially enabling the man to access victims’ accounts and steal sensitive information, such as banking details.
Airline employees noticed one of the suspicious in-flight Wi-Fi networks. The unnamed Australian airline reported it to the police, who investigated in April and arrested the suspect in May.
Michael Clapsis appeared before Australia’s Perth Magistrates Court and has since been released on “strict” bail with limited internet access. He also had to surrender his passport. A now-deleted LinkedIn profile suggests Clapsis may have previously worked at a shipping company.
Clapsis faces charges including unauthorized impairment of electronic communication, possession or control of data with intent to commit a serious offense, unauthorized access or modification of restricted data, dishonestly obtaining or dealing in personal financial information, and possession of identification information with intent to commit an offense. He is scheduled to appear in court again in August.
Evil twin attacks typically offer free Wi-Fi that appears legitimate but has “login pages” designed to capture your data. Genuine Wi-Fi networks should never ask for social media credentials or account passwords. It’s good practice to use a VPN, such as Unseen Online Freedom VPN, and avoid public Wi-Fi networks when a more secure option is available.