Holiday travel is ramping up. And so are hackers looking to prey upon one of their favorite targets, the hospitality industry. Every year, the industry ranks high on security risk reports because of the massive amount of personal information they collect from a diverse cross section of international travelers. And because you have so many people moving in and out of hotels, resorts, and airports, bad guys can move amongst you all with ease and take advantage of your distracted mind that is busy with more important things—like fruitcake, faking excitement over your ninth Christmas sweater, or just getting home in one piece. Here are some quick reminders and alerts to consider as you go there and back again. (In reality, these are just good practices for all times of the year.)
1. Free Wi-Fi. Beware those bearing gifts, including well meaning airports and hotels with free Wi-Fi. Free Wi-Fi networks, whether legitimate or spoofs provide an easy entry way into your device and your data. Whenever possible, don’t use them. If you can, always use a cabled internet access point when on the road. If you must use Wi-Fi, at least verify the names of official Wi-Fi networks with the airport or hotel. Bad guys will often set up confusingly similarly named spoof networks to get you to connect. Even when you do connect to a verified network, use personal VPN software to encrypt your information going cross that network.
And don’t relax when you get to mom’s house. At a minimum, make sure any residential Wi-Fi network you use is owned by your friend or family member and at least has a (strong) password to get access. Don’t be shy; ask them if they have encryption enabled on their router as well. If they have no idea about what you are asking, consider it a public network and follow the tips above.
2. Be wary of USB charging ports. Most definitely do not plug your device directly into such a charging port in a hotel, lobby, or concourse of an airport. Better yet, don’t use a charger you do not own. Similar to devices placed on credit card readers to steal your card information (i.e. at gas pumps), hackers can place facades on USB ports to do the same thing. Sure, your phone will charge and all will seem normal, but they may be actively or passively collecting data off your device or infecting it with malware to do worse things later.
3. Flying the Unfriendly Skies. Use the same protections on a plane Wi-Fi that you would in a hotel, airport or coffee shop. Furthermore, if you are going to use any service and pay for it on board, be wary of entering your ID and password from your seat. People do watch what you do on any screen on planes. They do. We all do. Screens make us want to look at them. So, be careful to shield your information in case someone is looking to pick off those credit card numbers so they can order a movie or snacks for themselves (as the cart slams into your elbow for the 4th time.)
4. Power Down and Lock it Up. Never leave your laptop unsecured in hotel room when you are not there and definitely do not leave your laptop ON when not in use. Lock up your laptops, mobile devices, or anything else of value when on the road in hotels. Many more hotel properties offer in room safes for your use, which require a password that you can set. It is “your room” only in the figurative sense. No safe? Lock it in your trunk of your rental car or in the hotel safe downstairs. Inconvenient? Maybe, but not as inconvenient as having your identity stolen or bank account cleared out. Almost all laptops today come with encryption capability for all hard drives. All you need to do is turn it on.
As always, I could go on and on here, like Uncle Ted telling you about his latest visit to the doctor and showing you his swollen feet at the dinner table. As you take to the open road, also take some simple steps to ensure it is a safe and enjoyable trip. You will bring home enough gifts you didn’t want. Don’t add more if you can avoid it.