As the summer traveling season quickly approaches, most travelers envision exchanging work clothes and school books for shorts, flip flops, and beach umbrellas as they look forward to that well-deserved vacation. While planning their road trips and flights, many can’t wait to see faraway attractions for the first time, or feel the sand between their toes with a cool drink in hand while watching the waves roll in from the horizon.
Unfortunately, hackers have their own plans this summer — to steal travelers’ personal information from their laptops, smartphones, and other devices connected to the internet through public Wi-Fi at airports and hotels.
Hackers can access personal information from public Wi-Fi-connected devices through an attack that emulates a legitimate Wi-Fi access portal. This allows nearby threat actors to see everything public Wi-Fi users do online, including logging into their bank accounts, entering credit card numbers on websites, or checking email.
A hacker can also trick public Wi-Fi users into accessing what looks like a safe website when they are actually opening a fake version that asks to download a “security patch” or another critical update. Upon complying, it is possible that the Wi-Fi users unknowingly consent to install malware, which can give cyberthieves more access to their computers, phones or tablets — even after they return home from vacation.
Because hackers can easily access personal information over public Wi-Fi, travelers should practice great caution and diligence in defending themselves against becoming the next cyberattack victim while waiting at airports and staying at hotels.
Nearby hackers can set up fake Wi-Fi access portals through a “man-in-the-middle” attack to access this information and, ultimately, all your money.
Be wary of thieves looking over your shoulder to record your password or other sensitive information as you type it in. Privacy screens, which mask on-screen information from nearby individuals, are sold at most airports and office supply stores.
If you have highly personal or sensitive information, you should turn off file sharing on your computer to keep it away from hackers. While sharing provides a convenient way to move files on a trusted connection, hackers can copy files that are left open or not protected with permissions while you are on an insecure connection such as public Wi-Fi.
They typically indicate something is wrong with “certificate of location you are trying to access.” If you see these, you should stop using that connection altogether. Certificate errors are the most common sign that someone is trying to trick you so they can see your data.
Many carriers, such as AT&T, Verizon, and Sprint have a means to allow you to set up your phone to be a secure Wi-Fi hotspot that can be accessed by other devices. Utilizing this connection instead of free Wi-Fi means your data is not available to the nearby hacker looking for victims.
When connecting to a public Wi-Fi network at a hotel or airport — or anywhere else for that matter, use a virtual private network. By doing so, you will be using a “private tunnel” that encrypts your data to prevent cybercriminals lurking on the network from intercepting your data.
Make sure all your devices — computers, tablets, laptops, smartphones, and so on are safeguarded from hackers by rigorous anti-malware and security software. Also, ensure that your software and devices are updated regularly.
In addition to taking precautions when using public Wi-Fi at hotels and airports, travelers should also think twice about posting their activities on social media such as Facebook, Twitter, Instagram, or LinkedIn while they are far from home.
While it may be fun to share vacation adventures with friends or work activities with colleagues in real time, this can tip off cyberthieves — who may have home addresses. Even if the hackers aren’t following the travelers directly, they can easily find who is on vacation through Twitter by simply logging into the site and looking up #Hawaii, for instance.
These thieves can arrive at travelers’ homes disguised as repair technicians or delivery persons and steal their personal belongings without arousing suspicion. Given the risk, travelers should wait until they get home before sharing their travel pictures and comments on social media.
While away from home on vacation on business this summer, travelers using public Wi-Fi at hotels and airports must play it safe when connecting to the internet or posting to social media. After all, hackers are always out there in cyberspace, looking to steal whatever they can from the next victim.
With these tips, however, vacationers should be able to finally unwind and relax.
Subscribe to Lumifi's Daily Cybersecurity News Curated by a CISO
We’ve expanded our MDR capabilities with enhanced incident response and security services to better protect against evolving cyber threats.