Posted: July 21, 2017 by Wendy Zamora
You’ve probably already seen the back-to-school ads on TV and rolled your eyes a little bit. We’re with you: There’s still plenty of summer left. That’s why we want to remind you about some of the cybersecurity pitfalls you might encounter during the remainder of the summer season.
Whether you’re home with the kids or heading out on vacation, here are some ways you can tighten up your security profile and avoid spending the rest of the summer reclaiming your identity or filing credit card insurance claims.
1. Monitor your children’s Internet habits during summer break.
Without homework and extracurricular activities for young students, summer days and nights are often spent lounging around on a tablet, cell phone, or laptop, browsing the Internet for funny cat videos or swapping faces on social media platforms. Parents may already enforce safe surfing habits during the school year, but with a more lax schedule may come a more lax attitude.
Be sure to set limits for Internet usage, whether that’s hours spent, sites visited, or apps and video games allowed. It’s also important to discuss online predatory behaviors, from cyberbullying to sexual exploitation (with an age-appropriate audience). Don’t just send your kids off to a room to Internet with abandon. Give them the skills (or possibly the parental controls) to navigate the online world safely.
2. Beware of fraudulent hotel booking sites.
Planning a trip to cap off an incredible summer? Make sure you’re using reputable booking sites for travel. A 2015 study by the American Hotel & Lodging Association found that about 15 million hotel bookings are impacted by rogue travel scams each year. Fraudulent websites or call centers often pretend to have an affiliation with certain hotels, when in fact they have none. This can result in being charged for hidden fees, losing rewards points, incorrect accommodations, fake reservations, and more.
The safest way to avoid being scammed is to book directly through a hotel’s website. Use third-party sites as resources to see available options. If you do want to consider a third-party site, call up the hotel directly to inquire if they are, in fact, affiliated. In addition, be wary of sites that urge you to book one of the last remaining rooms or don’t allow you to see a breakdown of fees.
3. Research hotels’ security policies before you book.
According to cybersecurity expert Matt Suiche, hotels are being targeted more frequently by criminals. Guest credit cards are kept on file for room charges and opportunities for additional spending at spas, restaurants, bars, and shops on premise make these properties attractive targets. In April 2017, InterContinental said that 1,200 of its franchise hotels in the United States, including the Holiday Inn and Crowne Plaza, were victims of a three-month cyberattack aimed at stealing customer payment card data. Also this year, 14 Trump hotels were targeted by hackers raiding personal data such as credit card numbers, expiration dates, and security codes, as well as some phone numbers and addresses of hotel customers.
When booking your hotel, you can ask about privacy and security policies in place for protecting customer data. Does the hotel have cybersecurity software? Is data stored in a secure computer/network? Who has access to it? Their policy should cover this information and more.
4. Watch out for public wifi in airports and hotels.
Yes, free wifi is a wonderful thing. How else would you stream Netflix in your hotel room instead of watching the room service menu options on your TV? However, free wifi is also public, which means that any person in the hotel or airport can access that account with (or without) a simple password. Wifi that isn’t password-protected is especially vulnerable. Add thousands of people accessing it daily and you’ve got a recipe for data breach.
So what to do? Use up your mobile data? That’s one (expensive) way to deal with it. What we recommend, for the layperson, is to avoid sites where you need to login, sites with sensitive info (banking, healthcare, etc.), and especially stay away from making purchases over an unsecured connection. If you absolutely need to access sensitive info on this summer trip—perhaps it’s for business rather than pleasure—you’ll want to look into using a virtual private network, or VPN. In fact, if you are traveling for business and staying at a luxury hotel, you might be vulnerable to a spear-phishing campaign called DarkHotel if you use the in-house wifi network. Better get that VPN cracking.
5. Don’t announce to the world that you’ll be away from your house on vacation.
The lead-up to the vacation is almost as good as the vacation itself, no? It’s hard not to get swept up in the excitement and jump on Facebook to tell all your friends about your upcoming trip. Problem is, unless you are ruthlessly private about what you share (and social media platforms are constantly updating their policies, making it easier for people to find your information that you didn’t intend to), people who aren’t your friends will see that announcement, too. And really, how well do you know that girl you passed in the hallway in high school 30 years ago?
Discussing your travel plans (specifically the dates you’ll be gone) opens you up to a physical security issue. Criminals are known to watch social media in order to target homes they know will be vacant for robbery. So best to wait until you get back until you start posting those trip photos.
6. Look closely at ATM scanners and gas pumps.
Heading to a concert and need to gas up? Hitting up an ice cream truck at the beach and forgot your cash? Be extra careful when stopping at gas pumps or ATMs, especially those unaffiliated with a bank. ATMs and gas pumps are targets for cybercriminals, who might attach skimmers in order to pilfer bank account or credit card data (and eventually drain those accounts).
Before you swipe your card, give the card reader a good tug. If there’s a skimmer attached, it’ll likely pop right off the top. In addition, take a look around the ATM or gas pump for small cameras (smaller than your typical surveillance camera). They’d be pointing down at the keypad in order to capture your zip code or pin number.
7. Avoid credit card fraud.
Easier said than done, we know. This one is extra tricky when traveling abroad. Pick-pocketers steal wallets or credit cards might be accidentally left behind and lo and behold: someone’s charging $2,537.45 worth of train tickets. While many card companies can track fraud and refund you the charges, the hassle of reporting and waiting, especially when overseas, is probably the last thing you want to deal with while sunning yourself in Phuket.
A few ground rules for traveling with credit cards: don’t take them all. Select one or two with high credit limits and low foreign transaction fees. Make copies of the credit cards you’re bringing with you so you can see the numbers and customer service phone number. Leave one copy with a friend and bring another with you. (Just don’t store it in the same place as your credit cards.) And finally, make sure you alert your credit card company of your travel plans so they don’t freeze your account.
Summer is a time to kick back and enjoy. So don’t spend it on the phone with your bank and the IRS. Take these precautions and you can be sure to end this easy-breezy season on a light and carefree note.