In security, an evil twin is a home-made wireless access point that masquerades as a legitimate hot spot to gather personal or corporate information without the end-user's knowledge.
It's fairly easy for an attacker to create an evil twin, simply by using a mobile Internet device -- such as a laptop or smartphone -- and some readily-available software. The attacker positions himself in the vicinity of a legitimate Wi-Fi access point and lets his Internet device discover what name (SSID) and radio frequency the legitimate access point uses. He then sends out his own radio signal, using the same name.
To the end-user, the evil twin looks like a hot spot with a very strong signal; that's because the attacker has not only used the same network name and settings as the "good twin" he is impersonating, he has also physically positioned himself near the end-user so that his signal is likely to be the strongest within range. If the end-user is tempted by the strong signal and connects manually to the evil twin to access the Internet, or if the end-user's computer automatically chooses that connection because it is running in promiscuous mode, the evil twin becomes the end-user's Internet access point, giving the attacker the ability to intercept sensitive data such as passwords or credit card information.
Evil twins are not a new phenomenon in wireless transmission. Historically they have been called base station clones or honeypots. What's different now is that more businesses and consumers are using wireless devices in public places and it's easier than ever for someone who doesn't have any technical expertise to create an evil twin. To protect yourself from evil twin network connections, experts recommend that you only use public hot spots for Web browsing and refrain from shopping or banking. To protect corporate data, experts recommend that when wireless, you only connect to the Internet through a VPN and always use WEP or WPA encryption.