With the massive increase in mobile device sales worldwide, it is easy to imagine that the number of people using the internet while travelling has also increased significantly in recent years. With this growth in online activity comes a greater risk of becoming a victim of cybercrime. There are a number of steps that travellers can take to protect themselves from becoming targets of cybercrime. Here are 10 tips for staying cyber safe while travelling.
1. Keep your device with you
When travelling, it's important to keep your devices with you at all times. This includes your laptop, smartphone, tablet and any other devices that contain sensitive information. If possible, keep them in a carry-on bag or on your person rather than checked luggage.
Don't leave your devices unattended in public places, and be especially careful in crowded areas like airports and coffee shops. If you must leave your device behind, make sure it's in a secure location where it can't be tampered with or stolen. Most hotels have a safe that is usually large enough to accommodate most laptops. If you are renting an apartment, be sure to keep your mobile devices out of plain view.
2. Use a VPN
You should use a personal Virtual Private Network (VPN) as a matter of course, no matter whether you're travelling or at home, but it is especially important to use one while travelling. A VPN encrypts your internet traffic, making it much more difficult for criminals to intercept your data. This is most important if you're using public Wi-Fi, which is often unsecured and easy for hackers to exploit.
There are many VPN providers available, so do some research to find one that's right for you. They work on all devices and there are VPNs for iPhones, Windows, and even for your Xbox! A VPN is also a handy thing to have while travelling because it allows you to access certain sites and services that may be blocked in your destination country. If you are somewhere that blocks Whatsapp, or Skype, for instance, and you need to use them, you can set your VPN to connect to your home country, and then those services will function normally. This is also true if your email provider blocks various geographic regions.
Please note, however, that most VPN software is processor intensive, and will drain your battery quicker than normal, so don’t keep the VPN on at all times unless absolutely necessary. Generally, if you don’t need to be online, go into airplane mode.
3. Use two-factor authentication
Two-Factor Authentication (2FA) is an important security measure that you should use everywhere possible. It adds an extra layer of protection to your accounts by requiring you to enter not only your password, but also a code that is generated by a separate device, such as your smartphone.
With 2FA enabled, even if malicious actors manage to steal your password, they won't be able to access your account without also having possession of your second factor (the code-generating device). This makes it much more difficult for them to successfully hack into your account.
Most 2FA providers also provide backup codes in case your device is unavailable. You should make it a point to have those codes available so you are not locked out of your own accounts. Like many of my peers, I recommend storing these codes on a separate media device, such as an encrypted USB drive, rather than in a password manager, as way of keeping them separate.
4. Avoid sending or receiving sensitive financial data on public networks
If you are waiting in an airport or coffee shop and need to do some online banking or make a financial transaction, be aware that public Wi-Fi networks are often not secure. This means that criminals could potentially intercept any sensitive data you send or receive while connected to the network.
To avoid this, only use secure, encrypted websites when sending or receiving sensitive data. You can tell if a website is secure if the URL starts with https:// rather than http://. You can also look for a padlock icon in the address bar, which indicates that the site is using SSL (secure socket layer) encryption.
Also, make sure that the Wi-Fi network that you are connecting to is the correct one for the location. Criminals can easily set up a fake Wi-Fi network with a similar name to eavesdrop on your activity, so check the name of the network very carefully before you connect.
5. Use strong passwords and update them regularly
One of the simplest and most effective ways to protect your online accounts is to use strong, unique passwords for each account. While many sites still force an old method of requiring at least eight characters, and a mix of uppercase and lowercase letters, numbers, and symbols, the newer recommendation towards passphrases is recommended where possible. Of course, a password manager is the best option, enabling the longest, randomly-generated, and easily updated mechanisms.
6. Be careful what you click on
One of the easiest ways for cybercriminals to gain access to your devices and accounts is by tricking you into clicking on a malicious link. This is often done via email, but it can also happen on social media and other websites.
If you receive an unsolicited email from someone you don't know, be very careful about clicking on any links or attachments it may contain. And even if the email is from someone you know, if it looks suspicious or out of character, it's best to err on the side of caution and not click on anything.
The same is true for links you see on social media or other websites. If a link looks suspicious, don't click on it. And if you're not sure whether a website is legitimate or not, do a quick search using your favorite search platform to check, before you enter any sensitive information into the site.
7. Keep your software up to date
One of the best ways to protect your devices from attack is to keep your software up to date. This includes your operating system, web browser, apps, and any other software you use. Software updates often include security patches that can help protect your device from the latest threats.
Whenever you see a notification that an update is available, make sure to install it as soon as possible. You can usually do this automatically, so you don't have to worry about doing it manually.
8. Use a security tool or service
There are a number of different security tools and services available that can help keep you safe online. These include tools that will notify you if a compromise is detected on your device. Several mobile carriers offer these services as part of their data packages.
9. Buy a local SIM
If you want to avoid the perils of open networks while travelling, one of the best things you can do is to buy a local SIM and use it to set up mobile hotspots. This is a particularly good strategy for when you need to send or receive sensitive data.
Most countries have tourist SIM packages that you can buy that will give you a pre-determined amount of data to use over a period of time. This is usually much cheaper than using your home data plan while abroad.
10. Pay extra close attention to your credit card transactions
Certain countries have more cybercrime than others. If you are somewhere where you know there is a higher chance that your credit card information will be stolen – for example, while using an ATM or purchasing a plane ticket online – make sure that you closely monitor your transactions for fraud.
If you see any charges that you don't recognize, report them to your credit card company immediately. The sooner you catch the fraud, the less likely you are to be responsible for the charges. Your card company should also work to get you a new card as soon as possible, so you won’t end up stranded without any money.
By following the tips above, you can help to keep yourself safe from cybercrime while travelling. Just remember to be vigilant and take precautions when using public Wi-Fi, sharing sensitive information, and clicking on links from unknown sources.
With a little bit of awareness and care, you can enjoy your travels without having to worry about becoming a victim of cybercrime.
About the Author: With a passion for working on disruptive products, Anas Baig is currently a Product Lead at SECURITI.ai. He holds a Computer Science Degree and did his Bachelors in Science from Iqra University. His interest includes Information Security, Networking, Privacy, and Data Protection.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc