Is My In-Laws’ Wi-Fi Being Spoofed by Their Neighbors?

I recently encountered an unusual and puzzling situation regarding my in-laws’ internet connection that I have yet to find any discussions about online. With a background in Computer Science and prior experience in Cyber Security Consultancy, this has definitely piqued my interest. Now, after stepping away from the technical field for a while, I’m reaching out to the community to see if anyone else has experienced something similar.

Currently, I am living with my spouse’s parents in the UK, where they use Virgin as their Internet Service Provider (ISP). They have a Hub 3 router, which still operates on the default settings—specifically, an SSID beginning with VM followed by a series of numbers, and a random WPA2 password found on the router.

With several people residing in the house, it became clear that the Hub 3 was struggling to manage the numerous connections. To improve the situation, I decided to purchase a high-end router, intending to configure the Hub 3 in modem mode while using the new device for all Wi-Fi routing.

While setting up the new router, I discovered a curious situation: my phone was still connecting to the Virgin router even though it was powered off. Utilizing a Wi-Fi analyzer app, I sought out the source of the mysterious connection. To my surprise, I found a strong signal emanating from my in-laws’ bedroom, particularly concentrated on one side of the room.

My in-laws assert that there is no secondary access point present in their home. Additionally, the main socket is directly connected to the Hub 3, and their bedroom has just undergone redecorating, leaving no hidden devices behind. This leads to an unsettling conclusion: the Wi-Fi signal must be originating from the neighboring property.

The mystery deepened when I identified the access point as a TalkTalk router, not Virgin. As expected, it has a different SSID. Upon conducting a WHOIS lookup on my public IP address, I confirmed it was indeed associated with a TalkTalk connection.

To add to the strangeness, I discovered that this unauthorized access point is secured with our Wi-Fi SSID and WPA2 password. This raises several eyebrows—how could this happen?

The neighboring house is a rented property with multiple occupants, which means there is a continuous turnover of residents. My in-laws have been using their Hub 3, and presumably these credentials, for