Cybersecurity While Traveling

Travel Safety Tips

In a world where we are constantly connected, cybersecurity cannot be limited to the home or office. When you’re traveling it is always important to practice safe online behavior and take proactive steps to secure Internet-enabled devices. The more we travel, the more we are at risk for cyberattacks. Use these simple tips to connect with confidence while you are on the go. 

Before You Go

  • If You Connect IT, Protect IT. Whether it’s your computer, smartphone, game device, or other network devices, the best defense against viruses and malware is to update to the latest security software, web browser, and operating systems. Sign up for automatic updates, if you can, and protect your devices with anti-virus software. 
  • Back up your information. Back up your contacts, financial data, photos, videos, and other mobile device data to another device or cloud service in case your device is compromised and you have to reset it to factory settings.
  • Connect only with people you trust. While some social networks might seem safer for connecting because of the limited personal information shared through them, keep your connections to people you know and trust.
  • Keep up to date. Keep your software updated to the latest version available. Maintain your security settings to keeping your information safe by turning on automatic updates so you don’t have to think about it and set your security software to run regular scans.
  • Double your login protection. Enable multi-factor authentication (MFA) to ensure that the only person who has access to your account is you. Use it for email, banking, social media, and any other service that requires logging in. If MFA is an option, enable it by using a trusted mobile device, such as your smartphone, an authenticator app, or a secure token—a small physical device that can hook onto your key ring.

During Your Trip

  • Stop auto connecting. Some devices will automatically seek and connect to available wireless networks or Bluetooth devices. This instant connection opens the door for cyber criminals to remotely access your devices. Disable these features so that you actively choose when to connect to a safe network.
  • Stay protected while connected. Before you connect to any public wireless hotspot—such as at an airport, hotel, or café—be sure to confirm the name of the network and exact login procedures with appropriate staff to ensure that the network is legitimate. If you do use an unsecured public access point, practice good Internet hygiene by avoiding sensitive activities (e.g., banking) that require passwords or credit cards. Your personal hotspot is often a safer alternative to free Wi-Fi. Only use sites that begin with “https://” when online shopping or banking.
  • Play hard to get with strangers. Cyber criminals use phishing tactics, hoping to fool their victims. If you’re unsure who an email is from—even if the details appear accurate—or if the email looks “phishy,” do not respond and do not click on any links or attachments found in that email. When available use the “junk” or “block” option to no longer receive messages from a particular sender. Read the Phishing Tip Sheet for more information.
  • Never click and tell. Limit what information you post on social media—from personal addresses to where you like to grab coffee. What many people don’t realize is that these seemingly random details are all that criminals need to know to target you, your loved ones, and your physical belongings—online and in the real world. Keep Social Security numbers, account numbers, and passwords private, as well as specific information about yourself, such as your full name, address, birthday, and even vacation plans. Disable location services that allow anyone to see where you are—and where you aren’t— at any given time. Read the Social Media Cybersecurity Tip Sheet for more information.
  • Guard your mobile devices. To prevent theft and unauthorized access or loss of sensitive information, never leave your equipment—including any USB or external storage devices—unattended in a public place. Keep your devices secured in taxis, at airports, on airplanes, and in your hotel room.
  • Beware of Hotel Scams. When staying in a hotel, beware of these techniques’ scammers use to get ahold of your credit card information. Scammers bank on travelers - tourists and business people alike -- being tired or in a hurry. Be sure to pay attention and watch out for these tricks:
    • Fake Front Desk Calls: Scammers call late at night impersonating the front desk person. The caller claims there’s a problem with the card on file and asks the traveler to "re-verify" the credit card information.
    • “Free” Wi-Fi Connections: Wi-fi “skimming” is a growing scam that targets travelers with the promise of free Internet access. Scammers set up a fake connection that appears to be free, but it’s not safe. A scammer controls the connection through their computer, collecting all the data the traveler transmits. This includes passwords, card information, and more.
    • Fake Food Delivery: Scammers will distribute fake menus to hotel rooms. When a traveler calls the phone number and orders delivery, they collect the credit card information and never deliver the food.
    • Checkout Scam: When checking into your hotel room you’re always asked to give a form of payment to keep on file, such as a credit or debit card, for incidentals. However, at checkout you can decide to pay for your stay with another method, such as cash. No matter what payment method you use, make sure you get a receipt and keep it. The problem in checking out comes if there’s a dishonest individual working behind the desk. Say you decided to pay with cash. There’s a chance the individual could pocket the cash and still charge your room to the card on file. When you later notice this, you’ll need the receipt to prove that you paid.

more cybersecurity resources

'Information provided by the Cybersecurity and Infrastructure Security Agency and the National Cybersecurity Alliance. For more information, visit www.cisa.gov/ncsam