In this paper, the authors consider the problem of “Evil twin” attacks in Wireless Local Area Networks (WLANs). An evil twin is essentially a phishing (rogue) Wi-Fi Access Point (AP) that looks like a legitimate one (with the same SSID name). It is set up by an adversary, who can eavesdrop on wireless communications of users’ internet access. Existing evil twin detection solutions are mostly for wireless network administrators to verify whether a given AP is in an authorized list or not, instead of for a wireless client to detect whether a given AP is authentic or evil. Such administrator-side solutions are limited, expensive and not available for many scenarios.