Summer is here and for many families that means travels plans, but do your summer travel plans include taking care of your data and digital devices? Which digital devices do you plan to take on your trip and what sort of data do they contain? Perhaps more importantly: What kind of data can they access? These are important questions to think about because these days your data and devices are targets for thieves of all kinds, at all times, including when you’re on vacation. In a moment I will have some tips on thwarting the bad guys, but first, think about this: What would happen if someone stole your smartphone or that company laptop you thought you needed to take along on the family sightseeing trip?
Quite frankly, if you could get hold of my iPhone and by-pass the security code you could access a lot of personal data about me. If you could also guess my passwords you could get to my bank account. On top of all that you could use my email to fake messages from me and pretend to be me on Facebook and Twitter.
Why would anyone want to do those things to me, or you, or to members of your family? The answer is simple: Money! There are underground markets in which you can sell all sorts of data, from bank account details to user names and passwords. And there are people who make a living stealing data to sell in these markets. Of course, there are also people who steal digital devices to sell, everything from smartphones to iPods and iPads, notebooks, e-readers, and tablets. Here are some tips to avoid getting stung this summer, by cybercriminals and plain old-fashioned thieves.
We begin with the challenge of protecting the devices themselves. Bear in mind that criminals and scam artists have a long history of targeting people who are traveling or vacationing. Often when we travel we are distracted. We may be more likely to use poor judgement.
Before you leave home:
On the road:
You might think that getting away from your office means getting away from people who want to steal your data, but the bad guys are quite happy to target travelers as well as company networks. A relatively new strategy for hacking people who are on the road was publicized in May by the FBI and an organization called the the Internet Crime Complaint Center (IC3). A warning to travelers was issued about a threat involving hotel Internet service overseas. The threat played upon the fact that people trying to use the Internet from a hotel in a foreign country are sometimes pretty desparate to get connected. So the bad guys found a way to pop up a message during the connection process that told the traveler to install a software update to complete the connection. The installation was actually a piece of malicious software. Here are some tips for protecting your data from this and other attacks:
Finally, if you have not made any vacation plans yet this year, don’t be tempted to fall for the “free, two-day cruise in the Bahamas for two” scam that is currently being perpetrated over the telephone. My colleague Aryeh Goretsky got not just one call trying this scam, but two. He describes the second one here and reveals the goal of the scam is probably to get your credit card number and charge you a non-refundable port fee.
Author Stephen Cobb, ESET