July 27, 2015 at 11:35 AM
Every summer, vacationers put their house lights on timers and their mail on hold when they travel away from home. It’s just as important when taking a vacation to take similar precautions with good cyberhabits. Many cybercriminals specifically target travelers.
* Criminals often set online lures to sell fake vacations or tickets. These may be just simple advertisements or sophisticated scams using realistic websites, complete with telephone operators who will “assist” you.
Social media posts with pictures of tourist attractions may update your friends and family, but they also tell criminals that you’re on vacation and your house is empty. Other older posts may contain personal details or pictures of your home, telling thieves what items of value are in the house or how to circumvent security systems.
Sensitive data, such as usernames and passwords, are especially valuable to criminals. One way criminals obtain such data is by installing a “keylogger” on hotel public computers. The keylogger records every keystroke typed on the computer and then transmits that information to the criminal.
Some cybercriminals specialize in “sniffing” the Wi-Fi® and public networks in airports and coffee shops, allowing the criminal to collect and read all information sent over a wireless network.
Other criminals use a practice called “juice jacking,” where the criminal rigs a public charging kiosk to siphon information directly from your device when you plug into it.
Who’s the Boss?
The cybersecurity threat doesn’t end with you. Social engineers often use information about a boss’s vacation to gain physical access or commit financial fraud.
The social engineer knows that he or she can reference the boss and the boss won’t be reachable to verify whether he or she really did order the “repairman” or give instructions for a fraudulent wire transfer.
When in Rome …
Different countries have different laws, which may give government employees or law enforcement full access to your device without your knowledge or permission. Some countries are known to collect all data residing in that country, while others collect data from devices left in hotel rooms.
This may be very important in countries that don’t have the same freedom of speech as the United States. Some of these countries are known to have jailed tourists who posted negative comments online about the government or who posted criminal activities online, such as the use of alcohol or drugs.
Luckily, with a little care, it’s possible to avoid these problems. Follow these simple tips to ensure the only memories from your vacation are good ones:
- Use discretion when posting personal information on social media. This information is a treasure trove to social engineers. Don’t post information about travel plans or details; save the pictures and updates until after you return home.
- Set email “away” messages to only respond to known contacts in your address book.
- Disable geolocational features, such as automatic status updates and friend finder functionalities.
- Remind friends and family members to exercise the same caution.
Protect Your Devices
- Keep your electronic devices with you at all times.
- Before traveling abroad, change all passwords that you’ll use while traveling. Upon your return, change the passwords of any accounts that were accessed while abroad. This includes passwords used by social media websites and email providers for which you have automatic logins.
- Don’t access sensitive accounts (such as bank and credit card accounts) or conduct sensitive transactions over public networks (such as hotel and airport Wi-Fi, business centers and Internet cafes).
- Use up-to-date anti-virus, anti-spyware and anti-adware software. Apply recommended patches to your operating system and software.
- Use wired connections instead of Bluetooth® or Wi-Fi connections whenever possible.
- Don’t plug USB cables into public charging stations. Only connect USB-powered devices using the intended AC power adapter.
- Know the local laws regarding online behavior, as some online behaviors are illegal in certain countries.