Over the holidays many of us travel to visit friends and family or take a break elsewhere. The last thing we expect is to become a victim of a data breach or digital theft. In this blog, we explore some of the cybersecurity threats looking to exploit our vulnerabilities while on the move and provide fundamental tips to protect yourself over the holiday season.
1. Public Wi-Fi and Fake Wi-Fi Networks
Using devices outside of work or home can be frustrating when you have an intermittent connection. Many of us connect to free Wi-Fi absentmindedly, whether that’s in a café, airport, hotel or on the train. Unfortunately, public Wi-Fi is often exploited by cybercriminals. A study conducted by Kaspersky Security Network found nearly a quarter of the world's public Wi-Fi hotspots don't use any kind of encryption. Meaning any information that is sent between your computer and the wireless router is available to see and not hidden in code; leaving you open to a data breach and potentially a breach inside your workplace if a company device is being used.
Even those networks which are protected with encryption can pose a risk. Software vulnerabilities leave networks open to man-in-the-middle attacks, in which the hacker intercepts information being sent from one point to another, enabling them to gain access to the information. There is also the risk of malware distribution. Malware is intrusive software that is designed to damage and destroy computers and computer systems. It includes viruses as well as spyware.
Then there are Fake Wi-Fi spots. Set up by hackers with the sole purpose to lure you in with “free Wi-Fi” to then steal your information, which explains why they are often referred to as honey pots. If effectively constructed, the access point will assume the appearance of any other legitimate network, providing a convincing name – for example, the name of your hotel. Much like genuine Wi-Fi spots, they can be found in many public locations. If you fall into the trap of accessing a malicious network, sensitive information can be stolen, including usernames, passwords, browsing history and other relevant information to support a cyber attack.
Tips to protect yourself when using public Wi-Fi:
- On your Wi-Fi settings switch off the feature to automatically join networks, to avoid connecting to unwanted networks.
- Before connecting to a network try to verify it’s legitimate. Ask an employee at your location for the Wi-Fi access point name and IP address to ensure it’s not a malicious network.
- Use a VPN, this will encrypt all information being shared across the internet denying hackers access to the data.
- Try to avoid using sites and apps where sensitive information can be stolen. If you need to use a banking app, for example, make sure to read their privacy and security policies and set up two-factor authentication to limit access.
- Only visit encrypted websites. You can recognise these by the padlock symbol in the browser at the beginning of the address or it will show HTTPS. This means the connection between the browser and the web server is encrypted, so any data that is submitted to the website will be safe.
- Employ anti-malware and security technology to protect your devices.
- If possible, use the hotspot from your mobile device to connect to the internet.
For more tips checkout our dedicated blog post here.
2. Fake Public Charging Stations
Living in this digital age, we rely on our phones for many day-to-day tasks. From banking and sending emails to purchasing and accessing travel tickets. If your phone dies while you are out it can be a huge annoyance. Hence, public charging stations can be a lifesaver. But it may not be worth the risk. “Juice jacking” is when a fake charging station is set up in a public venue – connecting your device could provide criminals with access to all your private information and lead to a serious data breach. This form of hacking is highly effective as they use something we see daily – a USB cord. With a USB cable, data and power can be transferred between two connected devices. Often when using a charging station, you will only see one end of the cable and not where it connects to, thereby allowing the user to collect your data, share your screen, or infect your device.
To best protect your device, only connect to an outlet where you can see the power source. Alternatively, bring your own charger and connect directly into a wall outlet. The safest option is to invest in a battery pack and avoid public charging all together.
3. Skimmer Devices
This form of attack is less frequent but could be regarded as the most dangerous. A skimmer device is used by cybercriminals to copy your credit card information without the need to touch it. The device is small and can be easily concealed. When the skimmer device is hovered over a credit card, it is able to extract the information on that card. Skimmers are often associated with POS devices and cashpoints, as criminals can easily attach the device onto the card reader. Unknowing customers who use the machine will have their credit card information copied. The untrained eye is unlikely to notice when a skimmer is in place on a card reader, as its appearance successfully mimics that of the original opening on the card reader. Once the device is in position the hacker just waits for the machine to be used. Cameras are sometimes used in conjunction, to capture victims pin codes, too.
Purchasing an RFID wallet or cardholder for your credit card will defend against a skimmer attack if a criminal is attempting to steal the information while you are in possession of the card. When using cashpoints, such as those found at gas station pumps, look out for any signs of tampering in the areas around the card reader and the card reader itself. If something looks different, such as a different colour or the material or graphics aren't aligned correctly, avoid using that machine. If there are two cashpoints beside each other, check out the one next to you for any obvious differences.
The sad truth is that cybercriminals are looking to take advantage of us at every opportunity, especially when our guards are down. We hope these tips help you to stay vigilant so you can enjoy safe travels and a happy holiday season!