Cybersecurity travel tips
Travel season
As you prepare to get away on that well-deserved break, you need to continue to watch out for cyber threats because unlike you, the attackers do not take a holiday. Should you travel, the need to be on the look out for cyber threats remains -especially as there might be the continued need to access the Internet while away.
Why do cybercriminals target individuals?
The primary reason why the bad guy target individuals is usually for financial gain. Cybercriminals will typically target individuals to steal identities and other personal information to sell for a profit. The cybercriminal may also choose to steal other pieces of information such as credentials to obtain access to individuals' bank or other financial accounts. At other times, the preference is to steal sensitive information on computers or devices to monitor the victim's online activities in order to extort money. Finally, cybercriminals may target individuals for the purpose of gaining control of their computing devices to gain control over information that may be considered important and demand ransom payment before releasing this information back to the individual.
How does the cybercriminal target me while on vacation?
- Criminals can establish fake wireless access points that appear similar to the same ones advertised by a hotel or lodging location. If not vigilant should you connect to this wireless network, the criminals may have access to your information.
- Cybercriminals can install malicious software on a computer installed in public places such as a hotel or airport. In this setting, the software can then be enabled to capture all the information you enter on this computer.
- Cybercriminals can take advantage of automatic connections on your mobile device such as Bluetooth and Nearby device scanning to connect to your device and access your information.
- Cybercriminals can install malicious software (malware) on public computers or similar devices such as "free" charging stations or hotel docking stations. When you connect to such a device, malware could then be transferred to your own device for future exploitation.
- If you accidentally lose your device and it ends up in the hands of a cybercriminal, your information may be stolen. Cybercriminals can use this information for targeted phishing scams.
- Criminals can use information that you share on social media to target you, your family, friends and your physical belongings. Giving out this information also notifies the bad guys that you are away from home- which leaves your home vulnerable to intrusion.
What can I do to protect myself?
Before you go
- Ensure that your devices have the latest vendor software updates installed.
- Ensure you have good antivirus software installed on all your devices
- Ensure that your devices have strong unique passwords. For mobile devices you can put additional authentication mechanisms such as biometrics or screen pattern.
- Back up your data files to another device or to software of your preference before you leave home.
While you are away
- Do not access sensitive accounts or conduct sensitive transactions over public networks, including hotel business centres and Internet cafés. If a connection to sensitive accounts or systems is required, use a virtual private network (VPN) connection, if it is legal in the country to which you are travelling.
- Make sure your firewall is enabled when joining public/untrusted networks to access the Internet. Avoid saving passwords in your browser, use a password manager instead to manage your passwords.
- Disable wireless connection (Wi-Fi) and turn off all other device network connections and services when not in use.
- Use your personal computer or a direct-to-wall-socket charging port to charge your phone rather than using airport or hotel charging stations.
- Do not let your devices out of your sight or leave your phone unattended while charging in a public place.
- Lock up valuable and sensitive electronic equipment when you are not using them. Do not leave valuable or sensitive electronic equipment lying around your hotel room.
- Avoid oversharing information about your whereabouts on social media.
- Always be on the lookout for social engineering scams and take precautions before clicking on links or providing sensitive information.
What can I do if I become a victim?
Contact the local law enforcement of the place you are visiting if you have been a victim of stolen items or potential fraud. If you are within Canada contact the RCMP if you believe a cyber incident is of a criminal nature which includes but not limited to fraud, extortion and child exploitation. If the incident involves an AU asset contact the Helpdesk or your supervisor to notify them about the incident.
Additional information resources
Join the discussion
A Yammer group has been created for AU Team Members to discuss cybersecurity related topics. Please join the discussion.
Updated August 03, 2021 by Digital & Web Operations, University Relations (web_services@athabascau.ca)