The summer travel season is almost here, and with it comes an increased risk of hacking.
With all of our smartphones, iPads, laptops, netbooks and Bluetooth-enabled devices, we’re more at risk of online fraud and identity theft than ever before. In fact, a 2011 report from Javelin Strategy & Research found that the average out-of-pocket expense for identity theft victims skyrocketed 63%, from $387 per incident in 2009 to $631 in 2010.
Business travelers often have the most to lose from attacks and airports are hotbeds for identity theft, from rogue Wi-Fi hotspots to new wirelessly-accessible e-passports.
Therefore, it’s important for them to follow these security precautions in order to travel safely this summer:
1. Don’t Fall for a Good Deal: With a slumping economy and tourism industry, travel companies are bombarding consumers with hard-to-pass-up deals and criminals are taking full advantage. Avoid travel deals that sound too good to be true--they probably are. Research the company behind the deal to see if it’s accredited by the IATA (International Air Transport Association) or has been listed on any sites as a potentially fraudulent scam (try the Better Business Bureau online). Also read travel-related scam forums (e.g., 419legal.org) for others’ experiences with the same company before signing up.
2. Groupon Spoofing: Be aware that criminals can “spoof,” popular coupon sites like Groupon to install malicious software on your computer to steal financial credentials and take your money.
3. Use Credit: Travelers should pay for their trip by credit card. Credit cards better protect consumers against losses due to theft and fraud. Avoid using cash, check, or debit cards (unless your debit card carries this protection) as you risk complete loss and increased liability.
4. Don’t Share Machines: Don’t use public computers at Internet cafés or hotels. It’s easy to steal login credentials and passwords, banking information, private correspondences and more.
5. Just Say No to Wi-Fi: Try to avoid using public Wi-Fi as much as possible – even if it’s provided at the airport, on the plane or in the hotel. Criminals can set up fake public Wi-Fi access points that, once you connect, give them access to all of your information. Instead of public Wi-Fi, try using MiFi (e.g., Novatel MiFi Mobile Hotspot), or “tether” your laptop, netbook or tablet to your smartphone’s 3G service. If you must use publicly-provided Wi-Fi, ask the hotel to confirm the exact name of the Wi-Fi network.
6. Cover Your Passport: New e-passports contain embedded RFID chips, which contain personal information that attackers can read wirelessly from hundreds of feet away, and use to clone your passport. Use an RFID blocking passport wallet to keep your information safe.
7. Bluetooth Threat: Turn off Bluetooth on your mobile devices when it’s not in use. Hackers can use Bluetooth to steal personal information and install malicious software. Also be aware that Bluetooth headsets can be eavesdropped on, allowing criminals to easily record your conversations.
Travelers today face an incredible number of new and potentially dangerous cyber threats. Wi-Fi can be dangerous grounds for consumers because it can be extremely difficult to tell the difference between a legitimate public Wi-Fi hotspot and a rogue access point set up by a hacker. It’s important for travelers to understand the types of risks they face and to be cognizant of the information stored on their laptops, netbooks, tablets, and phones.
Another point few travelers realize: You’re just as vulnerable in the air as at the airport. International airlines have already implemented in-flight mobile phone and SMS services that carry the same security and privacy issues from the airport to the airplane. Not only that, but it can make them more effective, as hackers don’t have to worry about victims moving outside of the wireless range--at 30,000 feet, you’re as close to stationary as they need you to be.
Jay Bavisi is president and co-founder of the International Council of E-Commerce Consultants (EC-Council), a global organization that provides training and consulting services on issues of e-commerce and cybersecurity. Jay is a regularly featured speaker at e-commerce and cybersecurity conferences in the U.S., Asia, Europe and the Middle East.