If you’re like many jet-setters, you’re still on social media even while on vacation — but that could be putting you at risk of getting hacked.
More than half of all consumers stay connected and don’t unplug from their devices when traveling, according to a new survey from cybersecurity company McAfee, while 54% said they couldn’t last a full day without texting a friend. Meanwhile, over a third of respondents said they couldn’t resist the urge to post to social media while on vacation — a similar share of people surveyed said they had to check their work or personal email every day, even when away from home. The poll surveyed 9,500 people who use an internet-connected device such as a smartphone or laptop daily in Australia, France, Germany, the U.K. and the U.S.
Nearly one-third of consumers said they primarily used public Wi-Fi to access the internet, while 1 in 5 said they don’t consider a Wi-Fi network’s security before connecting.
The large share of people who can’t bear going without their technological security blankets aren’t just missing out on special experiences when traveling; they are also exposing themselves to serious risk. According to the survey, 31% of consumers said they primarily used public Wi-Fi to access the internet, while 1 in 5 said they don’t consider a Wi-Fi network’s security before connecting. Additionally, 15% of the survey’s participants said they feel their personal information and data is more secure while traveling than at home. “They have no idea of what the security is like there,” said Gary Davis, chief consumer security evangelist for McAfee. “They go in with this false promise that it will be fine because everything works fine at home.”
Using public Wi-Fi networks, though, can render travelers vulnerable to hacking and viruses. It is very easy to create a Wi-Fi network and name it similarly to an official one from a hotel or airport. By spoofing public Wi-Fi networks in this way, hackers can monitor a person’s internet activity to collect their private information or even use the Wi-Fi connection to place malware on a person’s device. Similarly, browsing the web on public computers or at internet cafes is perhaps even riskier, according to Dave Dean, founder of consumer travel technology website Too Many Adapters. “If you’d like to have a big bullseye on your forehead, please go ahead,” he quipped. “It’s a terrible, terrible idea.”
Before leaving home, Davis advises consumers to make sure their devices and apps are up-to-date, since updates typically include security patches. While jet-setting, here is what experts do to keep their devices and personal information safe:
Use VPNs or cellular data to surf the web
If consumers absolutely must use the internet while traveling, Dean and Davis both recommend using a virtual private network, better known as a VPN. This technology extends private networks so that they can be accessed via a public one, ensuring security. Consumers can choose between free VPN and paid VPN subscriptions — the subscription-based services often extend across multiple devices, Dean said. (As an added bonus, VPNs also allow travelers to bypass censorship, such as the firewall in place in China, and access media from abroad.)
If for whatever reason connecting to a VPN is not possible, then the next best option is using cellular data. Particularly, when conducting transactions or checking bank accounts, accessing the internet through 4G or LTE will reduce the possibility of that information falling into the wrong hands. “I don’t trust anything I don’t have to trust,” Dean said. “The only people who can be snooping on that really is the cellphone company.”
Leave the laptop at home, but consider a back-up device
As Dean puts it, too many people feel the need to bring multiple devices on a trip. But toting that laptop, tablet and smartphone not only means more devices need VPN access, but also that more is at stake in the case of theft. Leaving devices at home is the best way to make sure they’re not compromised.
That said, taking multiple devices on vacation isn’t necessarily a bad thing. Dean suggests that some travelers may want to bring along an inexpensive, unlocked phone, particularly when traveling internationally. By using one of these along with a SIM card from a local cellular carrier, vacationers can save money. Plus, it won’t be as heavy a loss if this device were lost or stolen as compared with a fancier smartphone.
Watch what you post when you’re out of town
While it may be fun to gloat on social media by posting photos, doing so can be risky. Crooks monitoring social media could take advantage of the information and break into your home, Davis said. Just ask socialite Paris Hilton.
Back up your data and encrypt your devices
Getting mugged will sting a lot more if photos and videos from the trip aren’t backed up. While it is easier than ever before to back up data to the cloud from mobile devices, Dean also recommends having a physical failsafe on trips as well such as a flash-drive or external hard-drive. “I know way too many people who lost their precious travel photos because a phone got stolen,” he said.
As for any data that is stored on a device, Davis cautions that consumers should make sure it is encrypted. Otherwise, someone could extract sensitive information from any device they get their hands on.
Above all else, keep your email and passwords safe
Consumers should be using password manager services to make sure their online accounts are safe. But for the many Americans who use the same password for everything, they should change their email password before any others in the event of getting hacked. “The most important password you have, other than your bank accounts, is your email,” Dean said. “If they’ve got access to your email, they’ve got access to any other service where a password reset link would be sent to your account.”
If a device gets hacked or stolen, don’t panic
In cases where a person’s device has a suspected virus, experts say to download anti-virus software that can scan and quarantine it. Consumers should then use a secure device to access their various online accounts and set new passwords. And if credit card or bank accounts have been implicated, they should contact the respective company to monitor or freeze the account.
Meanwhile, Davis suggests that families traveling together should use a service that locks and locates a device if it goes missing, when it’s the service offered by the device’s manufacturer or a third party. And if need be, consumers should remotely wipe their devices. “The type of information that’s on there is worth magnitudes more than the value of the device itself,” Davis said.