What is Over-the-Air Credential Theft?
Over-the-Air Credential Theft is the act of stealing credentials “over-the-air”, often during Wi-Fi or VPN authentication. This is often accomplished using a Man-in-the-Middle (MITM) or Evil Twin attack: Spoofing an SSID within the physical vicinity of devices that are configured to connect to that SSID, causing devices to send their credentials to the spoofed SSID instead of the legitimate one. This can occur on campus, or at a nearby facility frequented such as a Cafe or Store. According to the 2018 Credential Spill Report, an average of 1 million credentials were exposed daily in 2017, with no indication that this number will decrease.