The Traveler's Guide to Cyber Security

My husband thinks I’m paranoid and when it comes to cybersecurity. I guess I should admit that I am. In my book, there is no such thing as being too safe. I am not the type of person to download any old app or to buy just any popular computer security program. I need to have questions answered first. Who makes the software? Where are they located? What government is regulating that company? I think these are all questions we should all be asking when it comes to our privacy and security. I mean it’s great and all to hear that a lot of people love to buy a particular product, but that’s just not good enough for me.

1.    Be Very Careful About Shared and Insecure Internet Connections

When traveling, it is hard to find connections other than public ones at hotels, cafes, airports, you name it. To see the warning “this connection is unsecured and others may see your information” is almost a staple of the travel experience. The risk applies to anything you type into your keyboard while connected, such as email passwords and website logins.

The best approach in this case is to be very careful when using these connections; logging into your bank account, work email or other sensitive account should be avoided if at all possible. If you have no alternative, choose what you type over these open connections very carefully.

If you’re traveling with your own laptop and using free Wi-Fi, it is important to make sure your connections are secure. Some websites let you log in over open networks; always try to use HTTPS://www.website.com instead of HTTP://www.website.com (the S stands for “secure” and indicates that the data is encrypted for more protection). You can also get a plug-in for your browser like HTTPS Everywhere (Firefox, Chrome and Opera only), which will do this automatically. Another possible solution is Private Internet Access VPN, which helps encrypt your data when you’re using a public connection from your own computer. As a not-so-reformed workaholic I swear by my VPN service when I am on vacation overseas (where I shouldn’t be working but probably am).

If you want more security when using someone else’s machine, such as at an Internet cafe, hotel lobby computer or other public terminal, you can try a pay service like Authentic8. Authentic8 runs the browser in a “silo” in the cloud, where all connections and data are kept secure. The service gives you a display on the local computer, and prevents things like key loggers from accessing your passwords.

2.    Delete All Cookies and Browsing History on Public Terminals

The Federal Trade Commission advises that if you must use a public computer, the last thing you should do before you walk away is delete all cookies and browsing history before you log off. Many computers can cache quite a bit of significant information, and some websites are even set up to keep you logged in when you close the browser unless you specifically log off (such as Facebook and LinkedIn). Many public terminals will delete this type of data automatically, but doing it yourself offers much better peace of mind.

3.    Use a Dedicated Travel E-mail Address

When I see messages arrive from overseas via work email accounts, I shudder a little every time. If someone gets access to your work email account, the amount of damage they could do to your livelihood is immeasurable. Certainly, there are times when you need to log in to your work account, but you will want to use caution in the extreme at those times.

My suggestion in this case is to use a personal email address when possible while traveling and communicate from that email address exclusively. Make sure not to store any sensitive information in this account so that a fake log-in won’t be cataclysmic. On occasion you will see addresses like johndoetravelemail@gmail.com; this travel-exclusive email approach can work very well. Just explain to clients and colleagues that you’re using this temporary email address to protect them and you.

4. Pare Down your Wallet

Use a special wallet for travel. Preferably one with RFID. If you’re taking your everyday wallet then empty it out and leave almost all of the contents at home. Once you empty it you can put back only the credit card and bank card that you plan to use on your trip. Depending on where you’re traveling you can also add back your health insurance card and driver’s license.  Add your cash and foreign currency and you’re all set.

 

If you’re going to a location that is known for pickpocketing, or is going to be packed with people, consider leaving half your stash in your hotel safe if, in fact, you deem it to be safe. Or better yet keep your valuables along with your passport in a concealed money belt next to your skin.

5.    Guard Your Documents

This is one of the tips you will encounter in most travel safety articles, so I won’t go into it at length here — but suffice to say that if you leave any sensitive documents lying around in your hotel room while you are out, you are a lot more likely to experience identity theft than if you have them in a money belt, document protector, or an RFID-blocking wallet.

6. Protect Your Children Too

A frightening development in identity theft crimes is the use of a child’s name and identity to open bank accounts and credit cards, apply for government benefits, and more. In most cases, criminals use a child’s Social Security number to get started.

When traveling, document requirements vary widely for children — sometimes you need ID, sometimes you don’t, sometimes you can fudge it either way — but many parents travel with some form of identification just in case. Often, these are very sensitive documents like birth certificates and Social Security cards.

My advice is to get a passport for your child, and travel with that instead of any other forms of identification. Then protect your child’s passport in the same way you would your own.

If anyone requests your child’s Social Security number for any reason, ask if they can accept another form of ID, or simply refuse to surrender the number. If you suspect your child’s identity may have been compromised, in most cases a credit check is the quickest way to find out; your child should have no substantive credit rating whatsoever. For more on the topic, see the FTC’s information on Child Identity Theft.

7.    Use Only Bank ATMs

A recent trend among identity thieves has been to install card readers in an ATM by which they can access your card number and PIN. This happens most often at non-bank, “generic” ATMs (in hotels, convenience stores, etc.), which have less oversight and are therefore more vulnerable than bank-run and hosted ATMs. Stick with the ones at banks; these can still be compromised, but tend to be targeted by thieves much less often.

8.    Check Your Credit Card Statements on Occasion

Even at times when you are confident in the security of your connection — perhaps in a friend’s home, or when connecting using a smartphone app over a regular cell 3G or 4G connection (which tend to be more secure than public Wi-Fi) — check your credit card statement for suspicious activity.

Identity thieves like picking travelers as victims, as they rely to some extent on the delay in being found out that is inherent to travel; most travelers don’t check bank and credit card information until well after they have returned home, giving thieves a solid head start. As a rule, the sooner you can shut down an identity thief, the better, so consider checking in now and then to make sure things look normal.

9.    Keep Your Cell Phone Secure

Many of us think a lot about how vulnerable our computers are, but cell phones are potentially even more so: you have them on you at all times, they’re almost always turned on and logged in, they typically have apps on them that give access to personal information, and folks leave them lying around quite a bit. If there is anything you might lose or have stolen, it is a small, compact smartphone.

Some things you can do to protect yourself:
–    Set a password on the phone so someone who finds or steals it can’t use it.
–    Before traveling, consider deleting any especially sensitive apps, such as banking apps, social networks, etc. They are easy to reinstall when you get home.
–    Specifically log out of all apps before going out and about. As above with some websites, many apps keep you logged in by default (Facebook, Twitter, Angry Birds, you name it).
–    Remain wary of suspicious emails and websites. Studies indicate folks are much more likely to click on malware links on their cell phone than on their computer.
–    All of the foregoing cautions about public Wi-Fi spots go for your cell phone as well.

For more on the topic, see this how-to from WikiHow.com: How to Prevent Your Cell Phone from Being Hacked.

 

9.    Keep Your Cell Phone Secure

Many of us think a lot about how vulnerable our computers are, but cell phones are potentially even more so: you have them on you at all times, they’re almost always turned on and logged in, they typically have apps on them that give access to personal information, and folks leave them lying around quite a bit. If there is anything you might lose or have stolen, it is a small, compact smartphone.

Some things you can do to protect yourself:
–    Set a password on the phone so someone who finds or steals it can’t use it.
–    Before traveling, consider deleting any especially sensitive apps, such as banking apps, social networks, etc. They are easy to reinstall when you get home.
–    Specifically log out of all apps before going out and about. As above with some websites, many apps keep you logged in by default (Facebook, Twitter, Angry Birds, you name it).
–    Remain wary of suspicious emails and websites. Studies indicate folks are much more likely to click on malware links on their cell phone than on their computer.
–    All of the foregoing cautions about public Wi-Fi spots go for your cell phone as well.

For more on the topic, see this how-to from WikiHow.com: How to Prevent Your Cell Phone from Being Hacked.

 

10.    Follow Up After Your Trip

When you get home, check bank activity, credit card activity and even medical insurance claim activity to see if there is anything you do not recognize. These are often the first places you’ll see indications of identity theft. Some thieves will purposely use your information in situations where the paper and digital trail will only appear slowly — establishments that submit charges and claims manually (or at least not in real time) — so it is a good idea to check again after a couple of weeks to make sure nothing has shown up in the meantime.

11.    Change Passwords and PIN’s

You may want to change your passwords after a trip; identity thieves are thought to be very patient criminals, and often wait until you are less likely to pay attention after a few weeks at home.

If you really like your password or PIN, one approach might be to change them right before you leave, use a new password while traveling and then change them back to your preferred passwords when you get home.