Contents:
Summer is already in full motion and people are busy getting their long-awaited vacation days (or planning upcoming free time). The more exotic the destination, the better, right? Even if we’re not traveling to still-wild destinations or targeting the opposing ends of the planet, we still try to score a new destination as often as possible. But our appetite for travel novelty can come with its own risks. To help you plan the vacation you want with minimal risk, I’ve put together this list of essential travel safety tips for your online and offline security. Read through, see what can happen, take a few simple precautions and everything should be wonderful. Here’s everything you need to know in order to stay safe when traveling, both digitally and otherwise.
Intro: A Few Less-Known Travel Security Risks
Before we dive into the 25 best security practices for travelers (further down below), out of which some are evergreen advice, I should get everyone up to speed with a wave of more recent threats. It’s no secret that we live in increasingly dangerous times, from a cybersecurity standpoint. Hackers, thieves and malicious actors of all kinds know no bounds in finding creative ways to compromise your security and do harm. Most people aren’t even aware, sadly, of all the bad things which can happen, especially with the most recent developments enabled by tech. Here’s the scoop on current travel security issues and risks you may not know about.
A. Hidden Spy Cameras in Airbnb Rentals
A recent wave of horror stories featuring Airbnb rentals secretly spying on their customers has inflamed the media and popular opinion along with it. Unfortunately, though the gig economy (which Airbnb is a part of) has many advantages, accountability is not its strong suit. Airbnb hosts should be very motivated to keep their customers happy in order to get good reviews and returning business, so it’s generally pretty safe to book a stay through Airbnb. But some malicious hosts are secretly taking advantage of their clients’ trust by spying on them with a hidden camera. The issue is very upsetting, especially since some clients reported that the Airbnb ad for the property they rented described it as ‘cozy and romantic’, only for them to discover that there’s a hidden camera directly above their bed. Privacy infringement is too mild to describe it. Of course, such intrusion is highly illegal, but obviously, everyone would prefer not to be a victim in the first place. Airbnb is aware of the problem and says they are coordinating efforts to crack down on hosts who use cameras. But until the problem is contained, here’s what you can do to protect yourself. Here’s how to stay safe from spy cameras in your Airbnb / hotel room:
#1. Look for obvious hidden cameras.
Check the entire room for potentially hidden cameras before you make yourself comfortable. Common hiding places include lamps, wall paintings or decorations, decorative objects on the nightstand, alarm clocks, lightbulbs, smoke alarms, etc.
#2. Scan the place for hidden cameras with your phone
If a first superficial search doesn’t reveal any cameras but you still want to make sure, you can use a special app on your phone to detect the subtle glint of a camera lens. This helps you discover secret cameras that are too well-hidden for you to detect with the naked eye. You can download a hidden camera detector app from the Google App Store (for Android) and from the Apple App Store (for Mac OS).
#3. Scan the network for connected devices (cameras)
You can also use your phone for connecting to the host’s Wi-Fi network and checking what other devices are connected to it. In most cases, this is another great way to detect cameras, which need internet access in order to live-stream (I know, it’s a creepy thought). Connect your computer to the location’s Wi-Fi network, then scan that network with the Fing app. It will report back on what other devices are connected to the same Wi-Fi, so you can easily spot cameras. You can get Fing on both iPhones and Android phones. This method can be more effective than scanning for the glint of a lens because if the camera is hidden really well you might not point your scanner in its direction. However, an app like Fing also has its limitations. First of all, is the Airbnb host is really devious, they can create a separate hidden Wi-Fi network just for that camera. Second of all, the camera might not be active all the time, so Fing will not detect it if it’s sleeping. That doesn’t stop it from being turned on remotely at some point. By using these combined methods, you should be able to detect any hidden camera in your place of accommodation. If you find any secret cameras, call the police immediately and document the evidence. According to laws (valid throughout the world) and to Airbnb rules, hosts should let their customers know in advance about any cameras installed on the premises and limit them to public areas (such as the hallway or the living room of the rented apartment).
B. Skimmed ATMs which Steal Credit Card Details
Another less-known concern is that ATMs can be skimmed by hackers in order to introduce a device which steals your credit card details when you insert it in the machine. As far as ATM safety is concerned, people have learned to cover the view towards the keyboard when they type in their details. Just in case a hidden camera might be there to give attackers the info they might need, presuming they will also steal the physical credit card later. But that age is past – nowadays, professional hackers steal your money by inserting skimmers into the ATM machines directly. These added devices (skimmers) scan the cards and steal the login details as customers insert them in the ATM. By the time the bank catches on and removes the rogue device, thousands of clients may have their security compromised. So how can you stay safe from the danger of skimmed ATM machines?
#1. Limit your use of ATMs
We know that traveling with cash only is not really an option for most people. Large amounts of cash invite trouble of their own, but perhaps you can consider a mixed approach. Exchange some cash in the local currency before you leave (to get better exchange rates), then keep it close to you at all times. Besides having convenient cash on hand, you purchase some things online before your actual trip (besides accommodation and plane tickets). Many museums and tours offer the possibility of buying tickets in advance. In fact, it’s even recommended to do so in order to avoid long cue lines. You can do the same for a special dinner and so on. Finally, you can pay by card directly, skipping cash withdrawals at the ATM. Nowadays, most people have VISA or Maestro cards, and both can be used internationally without significant extra fees. Just make sure that the businesses you pay by card to are trustworthy. No shady back alley boutiques: you’re better off if you stick to cash payments for small street stores like that.
#2. Check the speed of feeding your credit card in the ATM
Did you notice that some ATMs seem to ‘swallow’ your credit card faster than others when you put it in? The slower entering speed is actually the mark of a more secure system. It’s harder for attackers to skim ATM machines which have this gradual insertion system in place. So, if your credit card seems to take a longer time to be inserted in the ATM – 3-4 seconds instead of just 1-2 seconds – then you can be more relaxed. Most likely, you are in good hands.
#3. Visit your bank before leaving on vacation
Last, but not least, make some arrangements with your bank before you leave on vacation. Let them know the countries you will visit so that they are not surprised when they see withdrawals and card payments from that location. But besides notifying your account manager for the sake of keeping them in the loop, it’s more important to establish or learn more about emergency procedures. Ask them what can you do if your credit cards get stolen and how fast can they contain the damage once you notify them. Ask them what info they need from you in order to verify your identity in case of a breach. Assuming that your phone also gets stolen, along with your ID, how can you prove to them that you are the rightful client? If you don’t have a few well-chosen security questions already agreed upon with your bank, it’s time to set them now. Make sure you use customized ones, not the generic ‘mother’s maiden name’ stuff, which can be easy for hackers to find out.
C. A Strain of Ransomware Claiming to Be Booking.com
Be mindful of phishing emails claiming to be from Booking.com. A recent strain of the Sodinokibi ransomware is targeting the users of this platform. Don’t open any suspicious emails or attachments, and keep your software always up to date. Ransomware tends to target older systems, so missing an update can have dangerous consequences.
20 Travel Safety Tips for Digital Online Security
Besides these two less known travel security issues, there are also a few travel safety tips which are both timely and timeless. We wholeheartedly recommend the following for all who are preparing to travel, in order to avoid trouble.
#1. Shred your travel documents
Thieves and hackers are not just after your actual credit cards and valuables. More and more often, they actually target your loyalty travel programs and frequent flyer miles. From there, they could escalate the breach and get into your bank accounts and so on. To stay on the safe side, make sure you shred your tickets, boarding pass, and ticket stubs as soon as you don’t need them anymore. The serial code on each could be used by malicious third parties to gain access to your accounts.
#2. Don’t use public Wi-Fi
We, the team from Heimdal Security, keep insisting on the dangers of public Wi-Fi. Few things are more insecure than a public Wi-Fi network, such as the ones from hotels and cafes. Unfortunately, despite the rise in ransomware attacks on entire business chains or institutions, there are still plenty of hotels that don’t secure their systems properly (with anti-virus plus proactive security measures). Until that happens, it’s best if you just refrain from any public Wi-Fi.
#3. Make sure you log out from everywhere
In an effort to be friendlier to users, some hotels and Airbnb places offer smart TVs with pre-installed popular apps, such as Netflix, Amazon Prime or HBO Go. This allows their clients to watch their favorite movies and TV shows even while traveling, simply by logging into their account. Since smart TVs use the same Wi-Fi network that I just mentioned is unsafe, I can’t recommend you to log into your Netflix account like this. Still, if you do (or for similar apps), at least make sure you log out from everywhere when you leave.
#4. Consider using an app for paying
Some credit cards (like American-issued ones) don’t require a PIN input before you swipe them to pay. This makes them more convenient to use but way more insecure than the PIN-using ones. To make sure you stay safe, why not consider an app which acts as a security token when you pay? Apple Pay, Samsung Pay, and Google Pay should help you get started. Some banking apps also offer their own pay-with-the-phone options.
#5. Password-protect your devices
Don’t leave your phone, laptop or tablets not password protected when you travel. In case a thief manages to get a hold of them, at least don’t make their stealing job easier.
#6. Activate tracking for stolen devices
Speaking of the unfortunate event of your devices get stolen, it wouldn’t hurt to activate tracking for them. If you report them as stolen, the police could then trace the thieves faster and you stand a better chance of getting them back.
#7. Refrain from posting travel updates on social media
I know that the enthusiasm surrounding vacations is big. But if thieves and hackers know that you’re away from home, they might break-in, or target you while on the go, especially if you post the upcoming agenda. Don’t help malicious parties track your every move. Those gorgeous photos can wait to be posted after you return.
#8. Try to stop your physical mail from coming in
Speaking of break-ins, try to prevent your physical mail from crowding your postbox. Nothing screams ‘I’m on vacation’ as much as an overfilling postbox. Some counties (including the U.S.) allow people to just opt out of receiving mail for a while (contact your local post office for this). If this isn’t an option, perhaps you can ask a friend to pick up your mail and keep it for you until your return.
#9. Consider RFID blocking card-holders (maybe)
RFID stands for Radio Frequency Identification – basically, the method used for scanning credit cards. In the past few years, wallets and card holders which boast RFID blocking properties became very popular among people concerned with security. Such items boast of blocking unauthorized readings on your cards (while you are in a public place, just in case a thief runs an illegal scanner for cards in their vicinity). But while I understand the appeal of such devices, I should also mention that RFID may be a bit of an overkill. The rate of RFID-related crime is virtually inexistent. Also, a sheet of aluminum foil inserted in your wallet is just as effective.
#10. Backup your data before traveling and remove it
In case something happens to your devices while you’re traveling, make sure you do a backup of any data on them before you leave. This way, there’s at least one less thing to be sorry about if they get stolen. Also, remove the data from the devices after you create a backup; you don’t need to give hackers extra ammo to hurt you.
#11. Clear your history and cache
Assuming the worst will happen and your devices get stolen and hacked into, it’s best if you clear your history and cache before you leave. Do so after each use while on the go, too. Don’t help your hackers by serving up your accounts and identity to them on a silver platter.
#12. Create temporary passwords
For the same worst-case scenario exercise, create temporary passwords for your main accounts before you leave. Most email accounts allow this option under the Settings tab. Temporary passwords will expire after a pre-defined time period and can’t be changed unless you know the original one.
#13. Turn off geo-tagging
Don’t help hackers know where you’re going and your every move. This could allow them to target you with mugging or elaborate scams. It’s best if you turn off geo-tagging while on vacation. You can do this from your mobile device settings. Don’t forget Twitter, Instagram, and iPhone photos – they all store the longitude and latitude of every photo unless geotagging is disabled.
#14. Uninstall redundant apps
Speaking of cleaning up your devices before you leave, don’t forget the apps. Take a good look at all of them and consider their usefulness. Do you really need each and every app installed? The less you have, the safer, since the apps could help potential hackers to enter your more important accounts (via credential stuffing and more).
#15. Disable tracers from your email
The less hackers know about where you are, the safer you are. If you already disabled geotagging from photos, make sure you also disable location tracking from your email account(s).
#16. Freeze your credit for new accounts
Some banks offer their clients the option of freezing their credit while they are on the go. This means that no one can open a new credit line or credit card in their name. If you’re confident that you won’t need to open one up in the foreseeable future, you should also consider this.
#17. Enable 2FA if you haven’t done it yet
Two-factor authentication is a bare minimum but greatly improves your security. You should enable this for all your major accounts and whenever possible. If you don’t already practice it, this is a great time to start.
#18. Turn off Wi-Fi and Bluetooth connections
Most devices will still scan Wi-Fi and Bluetooth connections in the vicinity even if automatic connecting is not enabled for any of them. Unfortunately, this can be the gateway that hackers are waiting for. It’s better to just disable Wi-Fi and Bluetooth completely until you get back to the safety of home.
#19. Turn off GPS and Near-Field Communication
The same goes for GPS and NFC (Near Field Communication – the system used for location-based communications such as special offers popping up on your phone when you are in a physical store location) connections. They can be notoriously unsafe and easy to exploit for fraud. Search through the settings of your mobile device until you can disable them.
#20. Update your protection
Make sure your anti-virus is updated so you are less vulnerable to malware and ransomware while on the go. Also, as you probably know by now, anti-virus is not enough. You need a proactive security layer that scans traffic, which will go on top of the anti-virus you are using. If you’re getting ready to travel soon, here’s a small gift from us. A month of Heimdal™ Premium Security Home (containing both a next-gen anti-virus, Heimdal™ Next-Gen Antivirus & MDM, and the proactive security layer, Heimdal™ Threat Prevention ) on the house:
5 Travel Safety Tips for Offline Security
Online safety is our backyard and what we’re best at, so of course most of our travel safety tips had to do more with cyber-risks. But it doesn’t hurt to remind everyone of the best offline practices and precautions you should take while traveling, as well.
#21. Consider a double wallet
In case you get mugged – and hopefully, it won’t be the case – you could consider keeping an extra fake wallet around, with just a bit of cash and 2-3 business cards or similar inconsequential items. This way, you can just hand over the fake wallet and keep the real one hidden deeper under your clothing. Besides money, the trouble with wallets getting stolen is that you also lose hard to replace items like cards and documents. It’s best to avoid the hassle simply by outsmarting the thieves with a fake wallet, even if (hopefully) you never get the chance to use it.
#22. Don’t let your guard down with strangers
Meeting business associates in their country, but it’s the first time you see them face to face? It’s best if you meet them in a public location or the hotel lobby. Don’t invite them into your room. The same goes for online friends or for any new friends you might make along the way. Being slightly paranoid can put a damper on things, but it’s better to be safe than sorry. Your room number should remain private no matter how much you think you can trust well-meaning strangers.
#23. Try to blend in
This is a universally valid safety rule: don’t look and behave like a tourist. Try not to stand out through inappropriate clothing, don’t stop and stare or take photos of everything you see, or converse loudly in a foreign language. Especially if you’re alone or in a very small group. Along the same lines, try to walk with a purpose even if you’re still figuring out your surroundings. If you need to check a map, do it discreetly, on your phone. The purpose here is to avoid looking vulnerable or confused, which could single you out as an easy target.
#24. Don’t flaunt your valuables
Besides avoiding looking vulnerable, you should also try to avoid looking rich. Don’t wear expensive items like a fancy watch or jewelry. The same goes for clothes: budget, sport-style items are more comfortable for traveling anyway. Also, try not to flaunt your cash either. When you buy something with cash, remove the appropriate amount from your wallet discreetly. If you notice someone staring, be on your guard.
#25. Keep copies of your documents
Just in case a thief does manage to steal your wallet, do keep some color copies of your ID and travel documents in your main luggage. Until you can sort things out with your embassy, it helps to be able to identify yourself so you can start to get the stolen cards invalidated, get your ID back, get back home and so on.
Warning Signs that Something Is Wrong When You’re Travelling
Besides having your valuables stolen, which is noticeable right away, there are other warning signs that something may be wrong. To make sure you don’t miss them, keep a close watch on your bank accounts and transaction reports. You can do so via the secure banking app, at the end of each day. If you notice any payment you don’t recognize, alert your bank immediately. As a bonus, this practice will also help you keep a closer watch on your spending. If you’re anything like me when traveling, you probably need it. The same goes for any suspicious activity related to your main online accounts. If you suddenly can’t log in to your email or social accounts, something is wrong. Here’s how to recover your accounts, and make sure you protect them better with two-factor authentication next time.
Final Safety Advice for Travelers
I hope the extensive list of the advice above doesn’t seem overwhelming. Once you get used to applying these safety measures, they will become close to second nature. Hopefully, it won’t feel like a burden then, and as the saying goes, it’s better safe than sorry. Did you have any bad experiences when traveling? Is there any other advice not included above which you’d like to add? Leave a comment below and I’ll answer you asap.