In the previous section, we saw how rogue APs could be identified. Now let's look at what this attack actually does. In this type of attack, the attacker mimics an original access point and, in a parallel manner, disconnects the legitimate users from the original access point. In this case, what happens is that when the station tries to connect back to the network, it is not able to connect to the original access point and instead gets connected to the fake one. Because of this, all the network data passes through the rogue access point, and the attacker can harvest sensitive details about the targets.