A disassociation attack is a type of Denial Of Services Attack, which is used to disconnect an access point (mobile device in this case) from a router by sending disassociation packets to the device. It is a common way using which hackers try to gain access to your personal information. They place other WiFi networks with open securities, and people connect to them as they cannot connect to their network compromising their privacy.
Whenever you connect to a WiFi network, your device sends management frames to the router. These management frames are used to connect a device to a router. It is also used to provide other information like the number of channels, SSID, among others.
The primary issue with IEEE 802.11 protocol (WiFi protocol) is that all these management frames are sent in plain text. An attacker can collect this information by using a WiFi packet tracker like Airodump. Once the attackers have all the information contained in the management frame, they can send disassociation packets to your device. These dissociation packets will not let you connect to your WiFi.When this attack occurs, your device starts looking for new networks to join. Sometimes attackers put an evil twin WiFi with the same SSID as well as password, and your device will connect to that network. This new network is vulnerable, and all your data will be exposed to the attacker.
Preventing disassociation attacks
Most data encryption techniques, like WEP and WAP, do not encrypt management frames. So even if you have an encrypted WiFi network, you can be targeted by a dissociation attack. The only way to protect yourself from such an attack is to use the IEEE 802.11w protocol. But this protocol came about in 2009, so a lot of hardware does not support this protocol.
Also read: What is an NFC attack? How does it work and 3 preventive measures