Whether you own a Mac personally or manage a fleet with enterprise endpoint software like Mosyle, there’s a good chance you have scores of old unsecured wireless networks saved—Wi-Fi points that don’t require authentication.Common places where users connect and save these networks could be Starbucks (often “Starbucks WiFi”) and airports (like “Airport Guest”).So, the risk? Attackers can exploit this by setting up rogue access points with the same SSIDs, tricking your device into connecting automatically.
To prevent spoofing attacks like this, you can automate the removal of common SSIDs using the following script below! Mosyle, the only Apple Unified Platform..One of the most infamous tools used for such attacks is the Wi-Fi Pineapple, commonly employed by penetration testers and malicious actors for man-in-the-middle (MitM) attacks.
This device can be set up as a rogue access point to broadcast fake networks with commonly used SSIDs to trick computers into connecting automatically, believing they are joining a trusted network.I reckon most users would see they have a working connection and not investigate further.Meanwhile, every bit of data traveling between the victim’s machine and the Internet is silently being intercepted by the Pineapple, thus the attacker.
Like other computers, Macs are also prone to auto-connecting to familiar unsecured networks rather than prioritizing secured ones.While this type of attack isn’t super common, it’s a real risk worth being aware of.To prevent SSID spoofing, you can automate removing common unsecured networks from your Mac using the following script.
I’ll break it down in steps for those unfamiliar with shell scripts.Step 1: Open Terminal Open Terminal or you’re preferred emulator.Step 2: Create the script file Next, we will create a new script file with your preferred editor.
I like Nano (: nano remove_public_wifi.sh Step 3: The script Copy and paste my script into the new remove_public_wifi.sh file.You can change and add as many SSIDs as you like in the list below.#!/bin/bash ############# # By Arin Waichulis # Created 09/08/2024 # Last tested on 03/14/2025 with macOS Sequoia 15.4 ############# for interface in $(networksetup -listnetworkserviceorder | grep Hardware | awk '/Wi-Fi/ { print $NF }' | awk -F ")" '{ print $1 }') do echo "Now removing saved Wi-Fi networks from $interface" networksetup -removepreferredwirelessnetwork $interface "Starbucks WiFi" networksetup -removepreferredwirelessnetwork $interface "Starbucks" networksetup -removepreferredwirelessnetwork $interface "Panera" networksetup -removepreferredwirelessnetwork $interface "CVG Free" networksetup -removepreferredwirelessnetwork $interface "FreeWiFi" networksetup -removepreferredwirelessnetwork $interface "SFO WiFi" networksetup -removepreferredwirelessnetwork $interface "Public Free" networksetup -removepreferredwirelessnetwork $interface "Airport-WiFi" networksetup -removepreferredwirelessnetwork $interface "DaysInn_Guest" networksetup -removepreferredwirelessnetwork $interface "Free-Network" done exit 0 Step 4: Save and exit Save the file in Nano by hitting Ctrl + O and press enter to confirm the name.
Exit the file by hitting Ctrl + X Step 5: Make the file executable Lastly, we need to give the file executable permissions before we can run it.Otherwise, it won’t get far.We can do this with the following: chmod +x remove_public_wifi.sh Step 6: Run! Run! Run! We can run the script by entering the following and then authenticating as sudo.
sudo ./remove_public_wifi.sh More: How to verify as sudo using Touch ID instead of typing out your password This will stop your Mac from auto-connecting to any network we listed, including secured ones.Of course, you can also do this manually by going to Settings -> Wi-Fi -> Advanced and clicking to remove each manually; however, you’ll find the above method more streamlined if you travel for work and enterprise-friendly.Please leave any questions or comments below (: You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day.
Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop.Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel
