Tips Cyber-Savvy Travelers Know
1. Use the hotspot on your mobile phone instead of taking a risk with Public / Unknown Wi-Fi.Free Wi-Fi is offered in most travel lodgings including vacation rentals, but people do not realize how much of their data and activities they are sharing.
If you’re using a public Wi-Fi, you could be exposing your data to things like Wireshark, a common open-source software used by network administrators to analyze and troubleshoot network traffic. Though it is legal and free to download, Wireshark allows anyone to intercept your email, listen in on your VOIP conversations, read your instant messages and access website cookies to authenticate as you on various websites, any time that data is not properly encrypted.
Wireshark is just one of many tools easily available. There are hundreds of YouTube videos that will teach you how to hack anyone’s information on Public Wi-Fi, and do it in less than five minutes.
Did you know it is even possible for a computer virus to spread via a Wi-Fi connection? Hackers use $50 Wi-Fi Pineapple devices to pretend to be common networks like Starbucks or airports. They can listen to your cellphone ask for your home network and immediately start pretending to be that network so your phone automatically joins it. Once intercepted, they may be able to stage “man-in-the-middle” attacks to steal login credentials and financial information.
Instead of immediately trusting public Wi-Fi, use your phone’s hotspot to browse safely.
2. Use a high quality VPN to protect your connection.If your mobile plan does not include extended or unlimited hotspot minutes, another option to consider is using a secure Virtual Private Network (VPN). Secure VPN prevents companies or hackers from tracking your online activities or location by encrypting your information. You can browse the web anonymously and avoid being tracked by online advertisers.
Do your own research to determine which one works best for you as some have better service when traveling internationally, while others offer fast streaming and money-back guarantees.
3. Turn off Wi-Fi when not in use.If you are not actively using the Internet, turn off your Wi-Fi. Your information can still be compromised if you are connected to a public network. Bear in mind that disabling the “auto-connect” feature in your device is not enough because devices will still scan for Wi-Fi and Bluetooth connections. This is enough for hackers to get to you. Do enable the “Always use HTTPS” option on your device.
4. Turn off geo-tagging and email location tracking.Twitter, Instagram and iPhone photos all store the latitude and longitude of every photo taken unless you disable geotagging on your mobile device settings. You may want to share a memory, but do you want to share your location at the same time? Do you want to tell people you’re not at home?
Your location can also be tracked via email. Many browser-based email tools let senders see when recipients open the email, and where the recipient is located, usually in real-time. Some embedded image systems even show the device used to open the email. Switching off the image loading in your email client will protect you on incoming emails.
5. Use 2FA for most activities on your devices.Almost all banks require their customers to use two-factor authentication [2FA], also known as multi-factor authentication, when logging into Online Banking websites and apps. It’s a good idea to use two-factor authentication for other mobile apps as well. The majority of two-factor authentication systems use one-time passwords sent as a text message or email to the contact information you provide.
Passwords are critical but not failsafe. They can be hacked if you reuse passwords or don’t make them complex enough. Two-factor authentication will give you an extra layer of protection, drastically reducing chances for criminals to succeed. Many online retailers, email providers, social networks and communication apps (e.g. WhatsApp, Skype) support and encourage 2FA security.
6. Never trust a “quick charge” booth.Quick charge booths at the airports, coffee shops, etc. are ubiquitous and very convenient. Never forget that your USB device doesn’t just transfer power, it also shares data. A quick recharge kiosk may be reading your data in addition to charging your device. Travelers should bring their own USB power bank, but failing that, use a wall socket charger with your own USB port.
7. Shred your travel documents.Boarding passes, tickets and/or travel itineraries often contain loyalty travel programs and frequent flyer mile account numbers. Did you know these have a street value on the dark web? Malefactors know they can use these numbers to gain access to bank accounts and credit cards. Instead of just throwing the documents in the trash, shred or tear them up and spread the pieces across different trash bins to ensure they cannot be easily pieced back together.
8. Install privacy screens for your devices.Airplane seats on US domestic flights are so narrow it is almost impossible to not read whatever information your seatmate is viewing. You can protect sensitive data by using privacy screens on your devices, which don’t allow people to view your screen from the side. They have the added benefit of reducing screen glare. Privacy screens are available for all types of devices – laptops, tablets, cell phones, etc. – and they come in handy even if all you are doing is buying shoes on Amazon.
9. Don’t be stranded with just one form of payment.When traveling, you want to plan ahead to prepare for any possible snags. One of the things you should always plan for is having multiple ways to pay. Take your debit card, but also have a backup method of payment, such as cash or a credit card. Setting up your digital wallet on your phone is a good idea, too. Cyber-savvy travelers know that digital payments using a digital wallet are extremely secure. Your credit and debit card numbers are never shared with merchants or transmitted during payment. Instead of your account numbers, your unique number is encrypted.
That way, if you leave your wallet in the car, you can still pay for that soda you picked up in the convenience store using your phone, or if your debit card washes out of your swimsuit pocket while you’re playing in the ocean, you can still pay for dinner. Added bonus? Payment using your digital wallet is also contactless.
Also, before you go, don’t forget to give your bank a call and let them know your travel plans so that if you use your card while traveling, your bank will know to expect charges from your destination.
No matter where you travel next, protecting your personal information during a trip is just as important as packing your toothbrush or sunscreen. Find your weak spots and determine what reasonable steps you can take to secure your identity.
About the Author: Alex Cummings is the Information Security Awareness Program Manager for SouthState, overseeing information security training and communication. He’s been with the bank for 4 years. He studied computer information systems at the University of South Carolina, where he started the Cyber Security Club and was recognized in several regional and national competitions.