The more time you spend online, the more you’re at risk of being targeted by cybercriminals. But did you know that the threat is even greater when you travel?
Imagine this scenario: your company sends you overseas to complete a project. During your stay, you use your company business card at an ATM – nothing unusual about that. But, once you return home, your employer notices massive cash withdrawals from the bank – withdrawals you’re at a loss to explain.
For one small consulting firm, this was no imaginary situation. Reported by the National Cybersecurity Alliance, the incident saw the 10-man consultancy lose a total of $15 000 – the business’s entire cash reserve – after the credit card details were recorded by a skimmer device that criminals had installed on the ATM used by the employee.
“This incident shows just how devastating the effects of cybercrime can be,” says Bonnie Smith, General Manager FCM Travel. “And it’s just one example of a cyberattack. There are so many more ways criminals can target travellers – so it’s important to be aware while you’re out on the road. Don’t let your guard slip, which is often challenging when you’re focussed on meetings, exploring new places or enjoying your trip.”
According to a study conducted by IEEE Innovation At Work, the travel and transportation industry was the second most targeted industry for cybercriminals in 2018. The same study reports that one in seven travellers has fallen victim to information theft.
Why are travellers such soft targets?
One reason may be their lackadaisical attitude. A somewhat concerning report by IBM shows that although 40% of travellers acknowledge that they could be at risk of cybercrime, only 30% guard against the threat.
Don’t judge the other 70% of travellers too harshly, though. Smith points out that travel leaves people in a highly vulnerable position. For a start, travellers typically have, out of necessity, a large volume of valuable data on their person, from their passports to travel itineraries and payment information. All of this is gold for the cybercriminal who can sell the information or use it for identity theft or phishing attacks.
The traveller’s state of mind doesn’t help, either. When you’re feeling tired after a long trip, it’s normal to opt for the quickest connectivity solution – like public Wi-Fi – to download a mail or make a fast transaction instead of opting for the safest option.
What’s more, because of the interconnectivity of devices, any seemingly small breach of security may have massive ramifications.
Guard against being a victim
The good news, says Smith, is that while the threat might be significant, there are several steps travellers can use to avoid an attack.
Some of these actions should be taken before leaving home, like brushing up on your rights and local laws. This is important because different countries may exert different rights to your data. For example, border guards may ask to see the contents of your laptop, and if you know that this is likely, you can plan ahead.
It’s also a good idea to change all your frequently used passwords. You may even wish to set up a temporary email account if you know that you’re likely to use a public computer. In fact, this is advisable if you plan to work from your hotel’s business centre, as these centres are a natural target for cybercriminals.
If your personal data is stored on the cloud, consider deleting the local copy from your laptop and disabling the sync feature. While you’re at it, download software that encrypts information and protects copied data. Update your anti-virus protection, host intrusion and host-based firewall software.
This is also the time to pay any bills that may fall due while you are away, a step that will lessen your exposure while you are travelling. If you foresee the need to download software, do so before you leave.
Your final action, before you land, should be to disable the auto-connect function on your phone – connecting to the Internet manually for a few days isn’t much of a hassle, especially if it keeps your data safe. You should disable Bluetooth connectivity, too.
In transit? Chances are you’re using your time to catch up on mails – but refrain from plugging into the public WI-FI network. Instead, set up a WI-FI hotspot on your phone and encrypt your data using a Virtual Private Network.
Once you’ve arrived at your destination, keep your device on you at all times. It sounds obvious, especially for crime-wary South Africans, but a request to borrow your phone or tablet for one second may not be quite as innocent as it seems. By the same token, don’t use anyone else’s device. And don’t consider taking ‘backup’ devices with you just in case – the fewer devices you have to worry about, the better.
Use public equipment with care, and exercise caution if you need to charge your USB in public. If you need to charge, a good tip is to switch off your device before plugging it into a charging station. Finally, if you have been asked by border guards to screen your device, treat it as if it has been compromised.
The bottom line? “It’s important to stay alert and aware when you’re travelling,” says Smith. “This is always good advice, and now in terms of cybercrime too. Follow the tips and advice shared above, and chat to your travel expert about any destination-specific alerts or information.”