Pass these tips on to help minimise the threat of your customers falling victim to a cyber attack while using mobile phones and tablets on holiday, says Suraj Tiwari, global head of information security at VFS Global
Much of our day-to-day activity centres on digital technology and being online. It has become a staple of our life, and has been hyper-charged in scale and scope by the disruption and hybrid work practices born from the coronavirus pandemic. From Teams meetings and sending work emails, to travel bookings, banking and shopping, we are now sharing and consuming more and more personally-sensitive data on our devices.
While this shift has brought fresh efficiency, it has also exposed us all to the threat of new cyberattacks – particularly when we’re on the move at peak times, such as during the summer holidays, and at airports and train stations, where there are temptations to connect to public Wi-Fi or to recharge our devices via USB ports.
So, it is important for your clients (and you of course, when you are travelling, whether for work or pleasure) to be mindful of security, where possible, and that we all take steps to mitigate our exposure to risk when we’re working or consuming information in unfamiliar locations.
Here are some very simple and easy to follow steps that could help keep your clients and their digital-selves safe this summer.
Before setting off on your travels, be sure to update the operating systems across your devices. This includes apps on your phone. It is also worth considering disabling, or even deleting, non-urgent apps that carry personal and financial information about you for the duration of your trip.
Laws and regulations governing online security vary from country to country. Free Wi-Fi access can be appealing while at an airport or train station, but carry security risks, including “Man-in-the-Middle” (MITM) attacks from compromised routers, or “Evil twin” connections, which often take the form of similarly-named connections and are usually tied to a shop or eatery in your vicinity.
It is also worth avoiding internet cafes and free Wi-Fi hotspots unless they carry password requirements. Even if they have this layer of protection, it’s best to avoid accessing personal accounts or sensitive data on such a network. At a minimum, consider using a VPN for a personal Wi-Fi connection, or create an encrypted hotspot from your mobile phone, in order to connect other personal devices.
Publicly accessible USB ports carry genuine risk to devices and data. Termed ‘juice-jacking’, the threat has grown considerably in recent years and allows criminals to load malware onto phones and other devices of unsuspecting users. The malware can lock devices and export data such as passwords direct to the scammer. It is advisable to carry a mains charger while travelling or to use a personal power bank. In short, you should avoid public USB ports.
Most phones in the UK and Europe have settings that allow a device to automatically connect to Wi-Fi networks. While this is a handy feature, it does carry risks when traveling abroad.
Before travel, change this setting so that your smartphone and laptop ask before connecting each time you wish to access the Internet. The same should apply to Bluetooth connectivity while you’re away. Unless you absolutely have to use Wi-Fi, it’s best to keep this function switched off for the duration of your trip. This will also extend the battery life of your device.
It’s common to update social media while travelling to new cities and countries. The problem with this is that it creates a security threat. By signalling your location, you make it easy for a criminal to determine you’re not in your hotel room or at home and can leave personal belongings vulnerable to an intrusion. Limit the information you post online about your whereabouts – and, before leaving on a trip, consider how accessible your content is beyond your followers and close friends.
Most smartphones, laptops and tablets come with security settings that enable you to lock the device using a PIN number or fingerprint ID. Ensure this is a default across your personal device. Before travelling, consider changing your PIN numbers, and, once home, repeat this process to mitigate your exposure to a breach.
This is a simple step that is perhaps the most overlooked by travellers. Yet it has become so much easier to perform thanks to the rise of mobile and internet banking applications. Gone are the days of having to go into a branch or sit on hold on the phone to speak to your bank. Most banking apps carry an encrypted chat or messaging feature which allows you to notify them of your movements. This quick and largely painless action before a trip can help nip potential credit or debit-card fraud in the bud and allow you to access your money without the fear, and headache, of limitations being imposed on your account.
It’s better to be safe than sorry, so do be mindful of the personal risks you and your clients face, and be sure to recommend your clients adopt these easy practices before they set out on their travels.