Too obvious - just give it the same ESSID and password as your local coffee shop's network, and let the "Connect Automatically" setting on Windows do the rest.

Many if not most WiFi clients send a list of SSIDs they would want to connect in cleartext in their directed probe request frames in the active scanning mode. I expect there are attackers automatically advertising these networks to lure in devices.

This is far from being obvious to find out and hardly a scalable MITM.

These are always the same tricks that work in a lab, but then when it comes to do an actual MITM on a web site - there are no solutions.

If my web site is www.example.com, you would need to get very close to the site (network topologically speaking) and insert yourself in the traffic. This is in practice undoable, except if you hack the local network where the web server lives (specifically some equipment) or the server itself.

Or hack the DNS server.

None of these are remotely easy with basic security in place.

My remark was tongue-in-cheek. I'm aware that this would only go as far as appearing as a bridge router, which Windows often designates with a number after the name (e.g. WittyNetworkName 2). It's not very subtle, and you would likely only intercept a fraction of the traffic from a client, as they would default to directly contacting the host where possible.