As the summer season kicks off, many people are heading away on their travels. However, it’s important to realize that with travel comes cyber risks.
Cyber hygiene is like personal hygiene — it’s all about having a daily routine. That includes following good practices to ensure that your environment stays clean, especially when traveling.
Be wary of how you use personal devices
When you travel, you typically carry a device, such as a computer or smartphone. These devices are known as endpoints. Endpoints connect to different networks, whether that’s at a hotel, corporate network, or public Wi-Fi.
For example, if you travel with your laptop and then come back to your own environment, your computer, which has been connected to many different devices, is now being brought back to your own network. And if while you were traveling, your device was infected with malicious software like viruses, there’s a chance you could infect your home network.
QR codes have also become super popular for tracking during the last two years. And the potential risk of scanning QR codes is something that you need to keep in mind as well. Usually, when you scan a QR code, it opens a certain website on your device. If it opens a website, that website may be compromised and download malicious files to your device.
Different kinds of phishing campaigns also leverage the fact that people are traveling. One example is where people receive malicious weaponized PDF files pretending they have information about the travel itinerary. Airports are very popular for these kinds of attacks. Wherever there’s travel involved, this risk exists.
The perils of using social media when traveling
It’s a good idea to avoid using social media accounts to log in to certain platforms when traveling.
For example, if you connect to Wi-Fi, you may be asked to create an account or log in with one of your social media accounts. If you log in with one of your social media accounts, you typically allow the people running the platform to access a lot of sensitive information. Our recommendation to avoid this is to create a throwaway account for traveling. This can be used for the specific purpose of connecting to Wi-Fi without any sensitive information being involved.
Another area to be cautious about on social media is scams around instant messaging services. Social engineering is still one of the most prevalent and successful tactics for gaining access to user accounts. And the more information you expose about yourself and your social media accounts, the easier it is for attackers to access them.
One such example is people asking for help on social media websites like Reddit and other big forums. Sometimes, other users try to be helpful and ask for more details. But you need to be aware that if you start to post sensitive information on public websites so others can help you, it’s also not that difficult for others to find this information with open-source intelligence techniques to take advantage of it and use it against you.
Read: Enabling stablecoin growth in the MENA region: Key factors for success
What can travelers do?
The most important point is to patch your systems. A good example is when you use the App Store or Google Play to update the apps on your smartphone. The next time you do this, check why the vendor is recommending you to update their app. More often than not, it’s about a security feature or a bug that has been fixed. If you don’t update these apps, threat actors who are aware of these issues as disclosed by the vendor can take advantage of these vulnerabilities.
Another important point is not to install random things on your computer for which you don’t know the legitimacy. When traveling, sometimes you need different kinds of tracking software, especially if you are in different countries. This is especially true now, with many countries asking for certain kinds of trackers at airport immigration, for example. Make sure you install the right one and not some weaponized files that might be floating around the Internet.
It’s also really important to be aware of who you are sharing your devices with. For example, when you travel, don’t let someone else use your laptop, even if it’s just to quickly browse a website or check some emails. This is really dangerous because if someone else connects to their own inbox, this could lead to you opening a certain file and downloading malicious things onto your computer. Also, don’t leave your laptop unlocked near others, even if it’s just for a moment. Always make sure your computer is locked and that it has a complex password.
Remember: Always practice cyber security hygiene. Bon voyage!
Alain Penel is the vice president of the Middle East region at Fortinet.
For more op-eds, click here.
