How do you spot a fake WiFi name?
Look-alike and invisible characters can make a rogue network render pixel-identical to yours. Here’s why your eye can’t catch it — and what can.
You usually can’t spot a fake WiFi name by looking — and that’s deliberate. A homoglyph SSID uses Unicode characters that render identically to normal letters, so a rogue “CityCafe” spelled with a Cyrillic “а” looks pixel-perfect while being a different string to the computer. The reliable catch isn’t your eye; it’s reducing every nearby name to a canonical form and flagging two that look the same but aren’t.
A network that looks pixel-identical to yours — spelled with letters that aren’t.
Cyrillic а
Confusables and characters that render as nothing
Unicode is full of characters that look like common Latin letters. An attacker substitutes one or more of them into a trusted SSID: a Cyrillic or Greek look-alike, an Arabic-Indic digit, an em-dash for a hyphen — or, more insidiously, an invisible zero-width character that renders as nothing at all.
Either way, the name passes a human glance, and a distracted user taps connect — usually onto an evil-twin access point waiting behind the look-alike name.
How canonical comparison catches it
Since the eye is unreliable here, detection reduces every nearby network name to a canonical comparison key: drop invisible and zero-width characters, normalize the text, strip combining marks, map every Unicode digit to ASCII, and apply a curated confusables table for the substitutions normalization misses.
When two networks produce the same canonical key but have different raw characters, that’s a look-alike. (Good detection deliberately does not case-fold — SSIDs are case-sensitive, and a capitalization difference isn’t an attack.)
Catch it before you connect — and after
Detection here is mostly about awareness before you connect: being told a look-alike of your network is broadcasting nearby, including the invisible-character tricks no human eye would notice. And if you do connect to the impostor anyway, the evil-twin and ARP detectors take over.
Catching it automatically
WifiThreatWatch canonicalizes every nearby SSID and warns you when a look-alike of your network appears — the confusable substitutions and invisible characters most software (and every human) would miss. It’s a medium-severity alert, and it’s free.
Go deeper: how we detect look-alike SSIDs · detecting evil twins · the threats library
Fake WiFi names: quick answers
How can I tell if a WiFi network name is fake?
You often can’t by eye — that’s the whole point of a homoglyph (look-alike) name. It uses Unicode characters that render identically to normal letters, so “CityCafe” spelled with a Cyrillic “а” looks pixel-perfect but is a different string. The reliable way to catch it is software that reduces every nearby SSID to a canonical form and flags two networks that look the same but are spelled with different characters.
What is a homoglyph attack?
A homoglyph attack uses characters that look like other characters to impersonate a trusted name. In WiFi, an attacker names a rogue network with look-alike code points — a Cyrillic “а” for a Latin “a,” an em-dash for a hyphen, or invisible zero-width characters — so the network name passes a human glance while being a completely different string to the computer. It’s usually paired with an evil-twin access point.
Can two WiFi networks have the same name?
Yes, legitimately — a mesh system broadcasts one name from several radios, and chain venues reuse names across locations. That’s why a look-alike is more subtle than a duplicate: the attacker doesn’t reuse your exact name (which would collide), they use one that renders the same but is spelled differently, so it sits beside yours without conflict.
Do invisible characters really work in WiFi names?
Yes. A zero-width space or other invisible format character can be spliced into a trusted name; it renders as nothing, so the SSID looks identical, but the underlying bytes differ. No human eye — and most software — would ever notice. Canonical comparison drops those invisible characters before comparing, which is exactly how you catch the trick.