Unraveling the Mystery of Spoofed Wi-Fi: A Surprising Dilemma

It’s not every day that you encounter a puzzling situation that seems straight out of a cyber thriller, but that’s exactly what I’m facing. Living with my spouse’s parents in the UK has led to an unexpected discovery: their Wi-Fi credentials appear to have been co-opted by the neighbors. As someone with a degree in Computer Science and a professional history in Cyber Security Consultancy, you’d think this would be a straightforward problem to tackle, but it’s anything but.

The Setup: Home Wi-Fi Chaos

My in-laws rely on Virgin Media as their internet service provider, utilizing a Hub 3 router with default settings—SSID and WPA2 password both found on a sticker at the bottom of the device. Recently, with multiple occupants in the household, it became apparent that the Hub 3 was struggling to handle the load. To remedy this, I purchased a high-end router, intending to switch the Hub 3 into modem mode, allowing my new device to manage all Wi-Fi routing effectively.

The Unveiling: A Ghost Signal

While setting up the new configuration, I noticed something bizarre: my phone was still connecting to the Virgin router, even though it was powered off. Curious, I used a Wi-Fi analyzer app to uncover the source of this mysterious signal and found a robust connection emanating from the back of the house—specifically, my in-laws’ bedroom. Interestingly, the signal was markedly stronger on one side of the room compared to the other.

Despite earnest assurances from my in-laws that there were no additional access points in the house, I was skeptical. The main socket connected to the Hub 3 and with recent renovations, it seemed unlikely that any rogue devices were simply overlooked. My instincts suggested that the source of the signal was coming from the neighbor’s property.

The Revelation: Talk Talk Connection

Upon further investigation, I discovered that the access point in question was a Talk Talk router—entirely unrelated to Virgin Media. It bore an SSID that should have been labelled Talk Talk, not VM. A WHOIS lookup of my public IP address confirmed it: the internet connection was indeed provided by Talk Talk.

Theories Abound: Innocent or Malicious?

This discovery opened a Pandora’s box of potential explanations.

The Innocent Scenario:
1. A tenant in the neighboring rental property, lacking funds for their internet