When we travel, we are more exposed to stolen data than at many other times in our lives. We asked international anti-fraud professors for their best tips for making it harder for crooks to steal your private information.
The amount of personal information we’re asked to hand over when we’re traveling is on the increase. Take Spain, where thanks to a new law with unclear provisions, visitors who rent cars or check into any type of short-term accommodation—including hotels, rental properties and campsites—must now hand over large amounts of personal data to strangers with insecure storage systems.
Dr. Professor Miguel Oliveros, an expert in border security at Spain’s Universidade da Coruña, is one of several experts who are expressing concerns about the law.
“I actually have a flat which I rent out, and guests must give me their I.D.s,” says Oliveros. “” then enter their information on the [government’s] website, but I’ve never seen any information relating to when this information is deleted, or any suggestion that I’m obliged to delete it, although obviously I do. There are certainly risks from those with sinister intentions.”
Although there’s been a general increase in cases of identity theft-related crimes worldwide, the methods used by criminals vary from region to region.
“Wi-Fi attacks and ATM card skimming appear to be more prevalent in parts of Europe than in Asia,” says Professor Ryan Wright, an expert in cybersecurity at the University of Virginia. “On the other hand, QR code scams—where criminals replace legitimate QR codes with malicious ones that redirect users to harmful websites—are more commonplace in Asia.”
But before you cancel your summer vacation, hold fire. We’ve grilled some of the world’s top data security experts to find out how a few simple precautionary measures can keep you and your data safer when you’re abroad.
1. Be selfie-savvy.
Partial to posting pre-flight selfies? Make sure your vacation photos don’t contain any sensitive information. Boarding passes and passports should never be photographed. Scammers often use social media when it comes to obtaining details about potential victims, and we typically upload more photos than usual when we’re on vacation.
The United States’ Anti-Phishing Working Group (APWG) recently revealed that attacks on social media platforms account for 30 per cent of all phishing attacks. (You should also consider waiting to post vacation photos until you return home so that you’re not announcing to the world that your home is empty.)
2. Spread the risk.
Criminals love travellers who keep everything in one spot. A thief’s Holy Grail is the tourist who has stashed their cash in the same place as their passport, emergency contacts, and credit cards (ideally, next to the scrap of paper on which their PIN is written). Separate your sensitive possessions that offer the biggest clues to your identity—ones that could be used to access bank accounts, for example.
“Always spread the risk,” says Prof. Wall. “I usually take an old back-up phone on vacation, and I keep it separate from my main phone. Meanwhile, I lock secondary credit cards and my passport in the hotel safe.” (But even hotel safes can have their unsafe moments, so make sure you keep a copy of your passport’s information page elsewhere, such as on the cloud.)
3. Use pre-paid cards.
We love pre-paid debit cards, and not just because they encourage more mindful spending. When you use them, the risk of falling victim to identity fraud is much lower, simply because they’re not tied directly to your bank accounts.
The best bit? Your purchases are still protected. Once you register your prepaid card with its issuer, it’s required by the Consumer Financial Protection Bureau to offer protection in the event of loss or theft.
4. Embrace VPNs.
Using a virtual private network (VPN), such as the ones offered by NordVPN, adds an extra layer of protection when you go online.
“Always use a reputable VPN when connecting to the internet abroad,” says Prof. Wright of the University of Virginia. “Cybercriminals often hack into wireless access points at hotels, restaurants, or coffee shops to intercept communications and capture sensitive data in order to gain access to important accounts or systems. A VPN prevents these attacks by encrypting all communications, ensuring that even if someone intercepts your data, it remains unreadable.”
5. It’s not always good to talk.
Maybe that lovely lady at the airport truly is conducting a survey about the travel plans of incoming tourists, and perhaps the guy outside your hotel is actually simply interested to know where you’re from, but when you’re abroad, always keep up your guard about requests for any personal information—no matter who they come from, or how innocent them seem.
“Always be wary of people trying to ‘social engineer’ you into giving out information about yourself,” says Prof. Wall.
6. Pre-game the safety situation.
Professor William Kresse (nickname: Professor Fraud), based at Chicago’s Governors State University, is an expert in identity theft and also a certified fraud examiner. His top tip?
“Before you travel, go to the U.S. State Department travel website (travel.state.gov), click on the International Travel tab, then scroll down and enter the name of the country you’re visiting under the ‘Learn about your destination’ tab. You’ll find a wealth of valuable safety information collected by the U.S. State Department staff for that country, including information about the prevalence of crimes such as identity theft.”
7. Come up with a safe word.
Safe words aren’t just for secret agents and naughty encounters—they can reduce the risk of identity fraud, too. “Talk with your family back home before you leave and devise and agree upon a safe word,” says Prof. Kresse. “The safe word should be a unique word or term that only the traveler would know.”
Why? “Fraudsters are starting to use AI to produce audio—and even video—deepfakes which sound just like someone [you know],” says Prof. Kresse. “Voices can be sampled from social media sites and then manipulated to make bogus requests.”
Kresse says you should your have family back home agree that unless they see or hear your chosen password, they should consider any requests for funds or information as a scam.
8. Choose your network carefully.
If you try to log onto the internet at your hotel or restaurant, it’s highly likely there will be multiple networks to choose from, including one for overnight guests and another for day guests. Don’t just click on the first one that contains the name of your hotel. Instead, ask staff which network is the legitimate one.
“Criminals have been known to create rogue Wi-Fi networks with legitimate-sounding names, such as Starbucks_Free_WiFi, to trick unsuspecting users into connecting,” warns Prof. Wright.
9. Keep an eye on your key cards.
Prone to snaffling items from your hotel? Put key cards at the top of your list.
“I always take my electronic hotel key cards with me and dispose of them securely at home,” says Prof. Wright. “These key cards often contain sensitive information, such as your room number, check-in and check-out dates, and sometimes even personal details linked to your hotel reservation. Properly disposing of them ensures that this information cannot be accessed or misused by others after your stay.”
10. Establish travel-only accounts.
To avoid giving out your real home address to strangers behind check-in desks, ask a friend if you can use theirs, or set up a P.O. box for the purpose. Instead of using your primary email address or phone number, sign up for secondary ones that are not connected to any of your sensitive accounts. If identity thieves don’t have the right confirmation details, they can’t crack your accounts.
Don’t become so focused on identity fraud that you forget to take basic everyday precautions, too, including for your credit cards that have wireless payment capabilities. “Always remember to keep alert in crowds,” says Prof. Wall. “Snatch thieves are now regularly using electric scooters in tourist hot spots, so don’t keep it in a pocket or bag from which it can be easily snatched, and make sure your wallet has RFID protection so it can’t be scanned.”
To foil pickpockets and petty crooks, you could even go as far as to carry a decoy wallet full of expired credit cards and a small amount of local cash to make it look convincing.
11. Treat QR codes with caution.
AI isn’t the only type of technology that is making it easier for criminals to wreak havoc. Quick-response (QR) codes are another example, and in an era when they’re often used by restaurants keen to save money on printing menus in foreign languages, it’s easy to let your guard down.
“Never click on links or scan QR codes from unsolicited emails or text messages,” says Prof. Wright at the University of Virginia. “Instead, type the website address directly into your browser to ensure you’re navigating to the legitimate site.”
12. Prepare a crisis plan.
We’re all for a positive mindset, but taking simple precautions can make your life much easier should disaster strike. But don’t take our word for it. Heed the advice from Prof. David S. Wall, one of Europe’s top experts on identity fraud:
“Make sure that you know what’s on your mobile phone and devices such as laptops,” says Propf. Wall, currently based at the University of Leeds’ Centre for Criminal Justice. “Back up the contents to the cloud, keep your passwords and information in a safe place, and take a moment to think about how you’ll restore your data if your devices are stolen.”
This post was originally published on here
