How to protect yourself from fake airline Wi-Fi scams while traveling

Earlier this year, Australian police arrested a passenger for managing a malicious Wi-Fi network at the same time at an airport and during a flight. The configuration looked like the airline’s own Wi-Fi service, but that was not the case. Instead, this is what cybersecurity researchers call an “evil twin”, a false hotspot designed to encourage people to put their references.

The idea is not new, but the parameter is. For years, false Wi-Fi networks have been a common tip in cafes, hotels and airports. What distinguishes this affair is that the attacker took him to the sky, exploiting the growing dependence of Wi-Fi in flight for entertainment and internet access.

Register for my free cyberguy report
Get my best technological advice, my urgent safety alerts and my exclusive offers delivered directly in your reception box. In addition, you will have instant access to my survival guide at the ultimate – free swindle when you join my Cyberguy.com Bulletin.

What is a bad twin Wi-Fi attack?

A evil twin hotspot is a wireless network that is the identity of a legitimate in copying its name, also known as SSID. When several networks with the same name exist, your phone or laptop often connects to that with the strongest signal, which is generally that of the attacker.

Travelers check their phones while browsing the delays and flight cancellations at Austin-Bergstrom international airport on July 19, 2024 in Austin, Texas. (Brandon Bell / Getty Images)

Once connected, the victims are often redirected to a false connection or destination page. In this case, the malicious portal requested passenger email addresses, passwords or even social media identification information on the pretext of granting access to the airline entertainment system. Stolen information could then be used for taking accounts, identity theft or other attacks.

Why Wi-Fi trips are a main target

The trip creates a perfect storm for this kind of attack. Whether you are in a hotel, an airport, a cruising boat or a plane, you often have limited choices to connect online. Mobile data can be uneven or expensive, which pushes people to available Wi-Fi networks. Because these services feel official and are linked to trusted brands, travelers tend to assume that they are safe and drop their guard when connection requests appear.

Another trend adds to the risk. Travel providers are moving more and more entertainment and services on personal devices instead of offering integrated options. Airlines replace file screens with streaming portals, cruise lines promote application services and hotels decrease customers to digital recording platforms. All these elements require Wi-Fi connection, which means that more people connect than ever.

Qantas data violation exposes millions of customer files

How the pirates deceive you with a false wi-fi in flight

Here’s how it worked in the Australian case. The striker transported a portable hotspot on board and appointed it to correspond to the official Wi-Fi network of the airline. The passengers, seeing the false network with a stronger signal force, connected automatically. They were then taken on a counterfeit connection page asking for personal details.

A traveler awaits his delayed luggage after United Airlines founded flights due to a failure of technology at Newark Liberty International Airport in Newark, New Jersey on August 6, 2025. (Reuters / Ryan Murphy)

On a flight, the consequences are amplified. Passengers give in and share data or lose access to entertainment for hours. The success rate of this attack is, literally, high.

Your thrown luggage labels are worth money for crooks

Why do you need a VPN for Wi-Fi in flight

One of the best defenses against Snape Wi-Fi is a virtual private network, or VPN. A VPN creates an encrypted tunnel between your device and the Internet, which makes attackers much more difficult to intercept your data even if you connect to the bad Hotspot.

However, there is a catch. Wi-Fi systems in flight often force you to temporarily deactivate your VPN to access the on-board portal. Even then, a VPN remains a significant backup. Once you have erased the connection page and, if you have paid, connected to the Internet, the activation of your VPN guarantees that any navigation, messaging or application traffic remains private.

For the best VPN software, see my review experts from the best VPNs to browse the web in private on your Windows, Mac, Android and iOS devices has Cyberguy.com.

9 tips for using Wi-Fi in flight securely

A VPN is important, but it is not the only defense you should count on. Here are some other ways to stay safe when connecting the air:

1) Install strong antivirus software

Before you even think about connecting to Wi-Fi in flight, make sure that your device has a strong antivirus installed. It is your first line of defense against sites and malicious applications that attackers can try to pass through false portals. This protection can also alert you to phishing emails and ransomware scams, protecting your personal information and digital assets.

Get my choices for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices Cyberguy.com.

James Garofalo by Colorado Springs checks the mobile phone after canceling the flight at Denver International Airport in Denver, Colorado, Thursday, December 22, 2022. (Hyoung Chang / The Denver Post)

2) Activate two factors authentication (2FA)

Even if an attacker manages to steal your connection identification information, 2fa may prevent them from entering your accounts. Use authenticators based on applications rather than SMS codes whenever possible, because they work offline and are more difficult to intercept.

3) Disable automatic Wi-Fi connections

Most phones and laptops are defined to automatically reconnect on familiar networks. This facilitates a false hotspot with the same name to deceive your device. Before getting on board, turn off auto-connect and manually choose the right Wi-Fi of the airline.

4) Use https everywhere

When you travel in flight, check the padlock icon in the address bar of your browser. HTTPS crypt the connection between your device and the website, which makes it more difficult for attackers on public Wi-Fi to intercept your data.

5) Limit what you access

Even with precautions, Wi-Fi in flight must be treated as unreliable. Avoid connecting to sensitive accounts such as online banks or work systems. Get light navigation, streaming or message until you are back on a secure connection.

6) Keep your device up to date

Obsolete operating systems and applications often have safety holes, attackers operate. Before your trip, install the latest updates on your phone, tablet or laptop. Many updates include security fixes that protect you from known vulnerabilities.

7) Use plane mode with Wi-Fi only

When possible, switch your device in aircraft mode, then activate only Wi-Fi. This reduces the exposure of other radios (such as Bluetooth or cell roaming) that attackers sometimes target on flights.

8) Monitor phishing pop-ups and avoid suspect clicks

Some false flight portals use contextual windows or redirects designed to encourage you to enter connection details or click on malicious links. If a page requires unnecessary information, such as your full social security number, bank details or unrelated connections, process it as a red flag. Close the page immediately and do not click.

9) Disconnect yourself after use

When the flight is finished, log out of the airline’s Wi-Fi portal and all the accounts you have had. This prevents the diversion of session if the system maintains the chopped tokens.

Click here to obtain the Fox News app

Kurt de Kurt to remember

The rise in evil twin attacks in the air is a reminder that convenience is often accompanied by hidden risks. While airlines push more passengers to Wi-Fi in flight, attackers find ways to exploit this dependence. The next time you fly, think twice before you blindly connect to the first Wi-Fi network that appears. Sometimes the safest choice is to stay offline until you land.

Do you prefer to move a few hours offline than to risk using an unreliable outdoor hotspot? Let us know by writing to Cyberguy.com.

Register for my free cyberguy report
Get my best technological advice, my urgent safety alerts and my exclusive offers delivered directly in your reception box. In addition, you will have instant access to my survival guide at the ultimate – free swindle when you join my Cyberguy.com Bulletin.

Copyright 2025 cyberguy.com. All rights reserved.