Cyber threats facing smartphone users are escalating at a pace that has forced global cyber agencies to revise long-standing security advice. France’s national cybersecurity agency CERT-FR, along with the United States’ Cybersecurity and Infrastructure Security Agency (CISA) and U.K. cyber authorities, has issued an unusually strict warning: completely disable Wi-Fi on smartphones whenever it is not actively required.
The advisory comes amid a sharp rise in man-in-the-middle and adversary-in-the-middle (AITM) attacks linked to fake wireless networks. Agencies warn that smartphones have evolved into high-value digital vaults—holding banking credentials, identity documents, authentication tokens and private communications—making them prime targets for cybercriminals.
Smartphones Now a ‘Large Attack Surface’
CERT-FR has cautioned that modern smartphones contain vulnerabilities at multiple layers, extending beyond apps and operating systems to Wi-Fi radios, cellular connectivity and even hardware components. According to the agency, average users have no reliable way to verify whether a network is legitimate or malicious.
Public Wi-Fi networks at airports, railway stations, hotels and cafés are considered particularly dangerous. In such locations, attackers can intercept traffic, harvest credentials or inject malware without triggering obvious warnings.
‘Evil Twin’ Attacks Drive New Guidance
A key concern highlighted by cyber agencies is the surge in so-called ‘evil twin’ attacks. In these cases, attackers create fake Wi-Fi networks with names closely resembling genuine ones. Once a device connects, victims may be silently redirected to phishing portals or have spyware installed in the background.
CERT-FR has noted that the structural weaknesses of public Wi-Fi make them inherently risky, prompting the agency to go beyond traditional advice. Instead of merely disconnecting, users are now urged to switch off the Wi-Fi interface entirely.
Special Warning for iPhone Users
The advisory includes a specific caution for iPhone users. According to CERT-FR, disabling Wi-Fi from the Control Center does not fully turn it off—it only disconnects the phone from the current network. The Wi-Fi radio remains active and may automatically connect to nearby malicious networks.
To fully disable Wi-Fi, iPhone users must turn it off via the Settings app, ensuring the wireless interface is completely shut down.
Legacy 2G Networks and Public Charging Risks
The agencies also flagged risks from legacy 2G mobile networks, whose encryption was compromised more than a decade ago. In addition, renewed warnings were issued against “juice jacking”—attacks carried out through compromised public charging stations.
Users are advised to avoid public charging points unless using a trusted USB data blocker. CERT-FR further recommends powering off phones when left unattended, including while charging.
Security Now Outweighs Convenience
Cybersecurity experts say the mobile threat landscape has reached a point where older safeguards—such as avoiding suspicious links or keeping systems updated—are no longer sufficient on their own.
CERT-FR’s updated recommendations include:
- Fully turning off Wi-Fi when not in use
- Disabling auto-connect for all saved networks
- Avoiding public Wi-Fi wherever possible and using a VPN only as a secondary safeguard
A Shift in Digital Habits
Cyber agencies say the warning reflects a broader shift in digital risk management. Convenience-driven habits are increasingly incompatible with modern threat realities, and stronger precautionary measures are becoming unavoidable.
Experts note that in today’s environment, inconvenience may be the cost of security, as cyber threats grow more covert, persistent and technically advanced.
