An Australian man has been accused of setting up a fake Wi-Fi network on a domestic flight in order to obtain user information and credentials.
The 42-year-old, who has not been identified, “allegedly established fake free Wi-Fi access points, which mimicked legitimate networks, to capture personal data from unsuspecting victims who mistakenly connected to them,” according to a news release issued by the Australian Federal Police (AFP) last week.
The investigation was started a month earlier by the agency in response to a notification from an airline regarding a suspect Wi-Fi network that its staff discovered during a domestic trip. The agency added that the defendant was charged in May 2024.
Following that, on April 19, his luggage was searched, and a laptop, a mobile phone, and a portable wifi access device were found. On May 8, a search warrant was executed at his residence, leading to his arrest.
According to reports, the person impersonated authentic Wi-Fi networks by executing what is known as an evil twin Wi-Fi attack in a number of locations, including domestic flights and airports in Perth, Melbourne, and Adelaide.
When users tried to log in to the fake network, they were directed to a captive portal page where they had to provide their social media login credentials or email address.
“The email and password details harvested could be used to access more personal information, including a victim’s online communications, stored images and videos, or bank details,” according to the AFP.
Three counts of unlawfully impairing electronic communication and three counts of possessing or controlling data with the intent to commit a severe offence are levied against the defendant.
In addition, he faces charges of possessing identification information, dishonestly obtaining or dealing in personal financial information, and unauthorised access or modification of restricted data. He may spend a maximum of 23 years in prison if found guilty.
Inspector Andrea Coleman of AFP Western Command Cybercrime Detective stated, “To connect to a free Wi-Fi network, you shouldn’t have to enter any personal details — such as logging in through an email or social media account.”
“If you do want to use public Wi-Fi hotspots, install a reputable virtual private network (VPN) on your devices to encrypt and secure your data when using the internet.”