If it was a hacking ploy, the network SSID would be exactly the same as yours and open - so that you would connect to it automatically (if they had stronger signal) and you wouldn't notice.
I often do this to my neighbours at weekends when they are playing youtube on their laptop or phone after 1am - basically clone their network (only one unique SSID allowed) and put a password - it stops them as they go out of signal and come back in and they've not ever figured it out. They just think the WiFi is broken again.
If I left it open, no password - they would connect and I would be able to perform a DNS reroute or man in the middle attack and monitor their net activity or other things that might be considered illegal - sure they might tap in my router IP and see connected devices - but it doesn't happen.
As a security analyst, I would consider that a network ID such as "bestfriend" has simply made a new "BestFriend".
If it was a real hacking ploy - it would be the exact same SSID and open network and you likely wouldn't notice as you reconnected to WiFi, as likley there is autoconnect to name.
It's a very old trick - take a laptop into a coffeeshop and DNS reroute from a wireless dongle to their login site - get people's traffic.
One reason why card readers often work off the WiFi and are hard-lined to the bank - it's too easy to MiM a Starbuck's network and another few seconds to watch the image cache of every device - hotels too, that use repeaters for extended WiFi.
Esp. in USA, where some hotels do not even have a password and are very tall.
Sniff that in a few seconds and even access the main desk machines or backoffice from a telephone, sometimes.
(I've had network names such as "I've seen you naked" and someone's changed theirs to "me too" and "I don't want to see you naked". Or sent messages - eg, "working shifts", so neighbours know that it's ok to party all night, but please don't wake me by knocking my door for a chat because I'll be asleep at 0800).
50more people should take security this seriously. Its possible, if it is a targeted attack we call these rogue access points, where you mimic the name of someone else and see if clients connect to it. But we'll need more information, what exactly is the name of your network (ESSID) and how many people use it? Is this personal network? who else knows about this network? does your girlfriend have an ex that wants to get back together with her? you get the idea... some details would be good. – Nalaurien – 2017-06-08T07:58:26.743
57...maybe they are just politely asking you to change the capitalization of your SSID to a "more correct one" because it bothers them when they see it on their available networks list? I can imagine myself doing that... "Never attribute to malice that which is adequately explained by extreme nitpicking" (?) – xDaizu – 2017-06-08T10:55:28.470
21Connect to the network with a throwaway machine and try to scan the entire subnet with nmap to see what they're up to. – André Borie – 2017-06-08T14:26:57.173
21Could just be chance. You'd be amazed at how popular some SSIDs (eg. variations on "FBI Surveillance Van") are. – Mark – 2017-06-08T18:28:21.753
18tread carefully and dont ignore SSL/TLS errors! – n00b – 2017-06-08T19:05:53.707
4Although it could be hacking related, you SSID is so generic, there are a 1000 reason why they named it that. Maybe wifi is their bestfriend also, sad, but completely plausible. Now if it was named jQT1SWVMBEu3 and they copied that then there is no excuse. – cybernard – 2017-06-09T02:32:43.640
13@cybernard: Unless I'm misunderstanding it, "bestfriend/BestFriend" is just a generic example he is using to illustrate the difference. I expect the actual networks are named more along the lines of something like "bennyjacobalfredomcduck" and "BennyJacobAlfredoMcDuck" – Kim André Kjelsberg – 2017-06-09T07:47:36.997
3I'd suggest changing your SSID and turning off broadcast SSID. – mikeazo – 2017-06-12T12:25:13.980
3Regarding the suggestion from @AndréBorie, be aware that this might not be legal. – Jonas Schäfer – 2017-06-12T19:28:11.033
1@xDaizu While plausible, it would be extremely foolish to follow their "suggestion" as long as their network also has this SSID. Therefor, it's a very ineffectual way of making this suggestion. – Jasper – 2017-06-13T08:34:26.950
@Jasper Maybe their SSID has one of those cyrillic characters they use for meanie phising attacks so your change is safe. Or maybe they have a set up such as the moment they see ANOTHER network with that SSID, it disables their own :)
– xDaizu – 2017-06-13T08:42:04.113Them having an WiFi network with the same or a similar SSID doesn't grant them access to your network. A possible attack is where they would use the same SSID and try to lure your wireless devices into connecting to their network (as devices connect to a WiFi network based on the SSID and signal strength by default). Other than social engineering your visitors that would like to connect to your WiFi network to make them connect to theirs, I don't see a valid attack in creating a WiFi network with a not matching SSID. Maybe they like the name of your network or think it'd hide theirs? – BlueCacti – 2017-06-13T11:16:04.763
2Be aware this maybe a mistake you (or a user has made) in attempting to connect to the wifi by specifying it. In Ad-hoc mode you specify an SSID to become part of. Obviously if you were trying to connect to this one, you'd put it in... but if you spelt it slightly wrong, it wouldn't match up - tada, you've got a duplicate network! – djsmiley2k TMW – 2017-06-13T14:01:54.983
5You're confusing hacking with social engineering. 'Hacking' is a slang term in the first place, but it basically means taking advantage of a vulnerability in a system or piece of software. Social engineering is when somebody takes advantage of another human beings stupidity, naivety, ignorance, or short-sightedness to gain access to something that is otherwise is completely secure behind some security algorithm or system of some kind. – searchengine27 – 2017-06-13T23:37:43.613
1I wonder if one could connect by accident to such free wireless network and use it to run a Tor exit node. Assuming it actually allows connections to the outside... – Daniel – 2017-06-14T13:49:57.080
1Hacking? No. Social engineering? Yes. – Thomas Ward – 2017-06-17T21:12:59.707