Rogue Access Point
An unauthorised Wi-Fi access point set up to mimic a legitimate network, tricking users into connecting and exposing their traffic to interception.
Also known as: evil twin access point, fake hotspot, honeypot access point, unauthorized AP
Last reviewed: 1 June 2026
A rogue access point (RAP) is a wireless network set up without the authorisation of the network owner, either by an external attacker or by an unwitting employee plugging in an unsanctioned router. When deployed maliciously, it mimics the name (SSID) and signal strength of a legitimate network — a hotel's guest Wi-Fi, an airport lounge network, or a corporate wireless network — to lure victims into connecting.
Once a device connects to a rogue access point, its traffic passes through the attacker's equipment, and anything sent unencrypted is exposed. The attacker can read credentials, session tokens, and personal data in plain text; inject malicious content into web pages; perform SSL stripping to downgrade secure connections; or redirect DNS requests to fraudulent sites. The attack requires only modest, inexpensive hardware and can be conducted in any public location.
Users can protect themselves by avoiding public Wi-Fi for sensitive tasks, using a VPN, verifying the exact network name with staff before connecting, and ensuring their devices are not set to auto-join open networks. Organisations can deploy wireless intrusion detection systems to identify unauthorised access points on their premises.
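The inventory comparison at the core of wireless intrusion detection can be sketched as follows. This is an added example, not code from the original entry; the SSIDs, BSSIDs, signal threshold and verdict labels are constructed for illustration.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str      # MAC address of the AP radio
    security: str   # e.g. "OPEN", "WPA2-PSK", "WPA2-EAP"
    rssi_dbm: int   # signal strength seen by the sensor

# Constructed inventory of sanctioned APs: BSSID -> (SSID, expected security)
AUTHORISED = {
    "02:00:00:aa:00:01": ("Lounge-WiFi", "WPA2-EAP"),
    "02:00:00:aa:00:02": ("Lounge-WiFi", "WPA2-EAP"),
}
ON_PREMISES_DBM = -65  # assumed threshold: stronger signals are treated as on site

def _norm(ssid):  # fold case, drop punctuation: "Lounge_WiFi" matches "Lounge-WiFi"
    return re.sub(r"[^a-z0-9]", "", ssid.casefold())

def classify(beacon, authorised=AUTHORISED):
    managed = {_norm(ssid) for ssid, _ in authorised.values()}
    known = authorised.get(beacon.bssid.lower())
    if known:
        ssid, security = known
        if beacon.ssid != ssid or beacon.security != security:
            return "known-bssid-mismatch"      # inventory MAC, wrong settings: possible clone
        return "authorised"
    if _norm(beacon.ssid) in managed:
        return "suspected-evil-twin"           # our network name from a radio we do not own
    if beacon.rssi_dbm >= ON_PREMISES_DBM:
        return "unsanctioned-ap-on-premises"   # e.g. a router an employee plugged in
    return "neighbour"

def scan_report(beacons):
    """Return only the beacons that need an analyst's attention."""
    return [(b.bssid, b.ssid, v) for b in beacons
            if (v := classify(b)) not in ("authorised", "neighbour")]

# Constructed sample scan, in the shape a sensor might report it
SAMPLE_SCAN = [
    Beacon("Lounge-WiFi", "02:00:00:aa:00:01", "WPA2-EAP", -48),
    Beacon("Lounge-WiFi", "02:00:00:bb:00:09", "OPEN", -40),
    Beacon("Lounge_WiFi", "02:00:00:bb:00:0a", "WPA2-PSK", -52),
    Beacon("Lounge-WiFi", "02:00:00:aa:00:02", "OPEN", -55),
    Beacon("PrinterSetup", "02:00:00:cc:00:03", "OPEN", -50),
    Beacon("CoffeeShopNextDoor", "02:00:00:dd:00:04", "WPA2-PSK", -82),
]
```

Calling `scan_report(SAMPLE_SCAN)` returns the four beacons that warrant investigation. A BSSID can be copied, which is why a radio that matches the inventory is still checked for the expected SSID and security settings.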
Examples
- An attacker sets up a portable Wi-Fi hotspot in an airport lounge with the same SSID as the official lounge network; travellers who connect have their email credentials captured.